ISO IEC 27001-2022-AMD1-2024
VIP免费
INTERNATIONAL ISO/IEC
STANDARD 27001
Third edition
2022-10
Information security,cybersecurity
and privacy protection—Information
security management systems—
Requirements
Sécurité de I'information,cybersécurité etprotection de la vie
privée —Systèmes de management de la sécurité de I'information —
Exigences
Reference number
ISO/IEC27001:2022(E)
OISO/IEC 2022
ISO/IEC 27001:2022(E)
COPYRIGHT PROTECTED DOCUMENT
O ISO/IEC2022
All rights reserved.Unless otherwise specified,or required in the context ofits implementation,no part of this publication may
be reproduced or utilized otherwise in any form or by any means,electronic or mechanical,including photocopying,or posting on
the internet or an intranet,without prior writen permission.Permission can be requested from either ISO afthe address below
or ISO's member body in the country of the requester.
ISO copyright office
CP401·Ch.de Blandonnet 8
CH-1214 Vernier,Geneva
Phone:+41227490111
Email:copyright@iso.org
Website:wwwiso.org
Published in Switzerland
ii O ISO/IEC 2022-All rights reserved
ISO/IEC27001:2022(E)
Contents Page
Foreword ...................................................................................................................................................... iv
Introduction .................................................................................................................................................. V
1 Scope .................................................................................................................................................. 1
2 Normative references ................................................................................................................... 1
3 Terms and definitions ..................................................................................................................... 1
4 Context of the organization .......................................................................................................... 1
4.1 Understanding the organization and its context .............................................................. 1
4.2 Understanding the needs and expectations of interested parties ...................................1
4.3 Determining the scope of the information security management system ......................2
4.4 Information security management system ....................................................................... 2
5 Leadership ....................................................................................................................................... 2
5.1 Leadership and commitment ..............................................................................................2
5.2 Policy .......................................................................................................................................3
5.3 Organizational roles,responsibilities and authorities ................................................... 3
6 Planning ........................................................................................................................................... 3
6.1 Actions to address risks and opportunities ......................................................................3
6.1.1 General ......................................................................................................................3
6.1.2 Information security risk assessment ................................................................... 4
6.1.3 Information security risk treatment ................................................................... 4
6.2 Information security objectives and planning to achieve them ...................................... 5
7Support ........................................................................................................................................... 6
7.1 Resources ...............................................................................................................................6
7.2 Competence ............................................................................................................................. 6
7.3 Awareness ..............................................................................................................................6
7.4 Communication ......................................................................................................................6
7.5 Documented information ................................................................................................... 6
7.5.1 General ...................................................................................................................... 6
7.5.2 Creating and updating ............................................................................................. 7
7.5.3 Control of documented information ....................................................................... 7
8Operation.............................................................................................................................................7
8.1 Operational planning and control ......................................................................................... 7
8.2 Information security risk assessment ................................................................................. 8
8.3 Information security risk treatment ..................................................................................8
9Performance evaluation .................................................................................................................8
9.1 Monitoring ,measurement , analysis and evaluation ...........................................................8
9.2 Internal audit ..........................................................................................................................8
9.2.1 General ......................................................................................................................8
9.2.2 Internal audit programme ................................................................................... 9
9.3 Management review ............................................................................................................... 9
9.3.1 General ...................................................................................................................9
9.3.2 Management review inputs ..................................................................................... 9
9.3.3 Management review results .................................................................................. 9
10 Improvement ................................................................................................................................. 10
10.1 Continual improvement ..................................................................................................... 10
10.2 Nonconformity and corrective action ........................................................................... 10
Annex A(normative)Information security controls reference ....................................................... 1
Bibliography ............................................................................................................................................... 19
OISO/IEC 2022-Allrightsreserved iii
摘要:
展开>>
收起<<
INTERNATIONALISO/IECSTANDARD27001Thirdedition2022-10Informationsecurity,cybersecurityandprivacyprotection—Informationsecuritymanagementsystems—RequirementsSécuritédeI'information,cybersécuritéetprotectiondelavieprivée—SystèmesdemanagementdelasécuritédeI'information—ExigencesReferencenumberISO/IEC270...
声明:如果您的权利被侵害,请联系我们的进行举报。
相关推荐
-
IATF16949-2016中英文对照版
2024-04-30 905 -
IATF16949-2016管理评审报告VIP免费
2024-06-12 167 -
新版APQP第三版和CP控制计划第一版 最新的变化点汇总VIP免费
2025-08-04 104 -
IATF16949标准条款VIP免费
2025-11-12 80 -
IATF16949 汽车认证方案——获得并保持IATF认可的规则(第六版)
2025-11-16 468 -
IATF 16949认可解释VIP免费
2025-11-16 56 -
IATF16949:2016中英文版本1012VIP免费
2025-11-17 69 -
IATF16949乌龟图VIP免费
2025-11-24 40 -
IATF16949全套体系资料汇编(质量手册+程序文件+记录表格)
2025-11-28 310 -
IATF16949体系文件——潜在供应商评估表VIP免费
2025-11-28 83
作者:雨尘yc
分类:法规规范
价格:80质量币
属性:32 页
大小:472.59KB
格式:PDF
时间:2026-05-15

