标准编号:ISO/IEC 27006:2007
中文名称:信息技术 安全技术 信息安全管理体系审计和认证机构的要求
英文名称:Information technology — Security techniques — Requirements for bodies providing audit and certification of information security management systems
发布日期:2007-03
标准范围
This International Standard specifies requirements and provides guidance for bodies providing audit andcertification of an information security management system (ISMS), in addition to the requirements containedwithin ISO/IEC 17021 and ISO/IEC 27001. It is primarily intended to support the accreditation of certificationbodies providing ISMS certification.The requirements contained in this International Standard need to be demonstrated in terms of competenceand reliability by any body providing ISMS certification, and the guidance contained in this InternationalStandard provides additional interpretation of these requirements for any body providing ISMS certification.NOTE This International Standard can be used as a criteria document for accreditation, peer assessment or other auditprocesses.
立即下载标准文件