ISO/IEC 27006
Information security standard / From Wikipedia, the free encyclopedia
Dear Wikiwand AI, let's keep it short by simply answering these key questions:
Can you list the top facts and stats about ISO/IEC 27006?
Summarize this article for a 10 year old
ISO/IEC 27006 is an information security standard published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Part of the ISO/IEC 27000 series of ISO/IEC Information Security Management System (ISMS) standards, it is titled Information technology - Security techniques - Requirements for bodies providing audit and certification of information security management systems.
This article may rely excessively on sources too closely associated with the subject, potentially preventing the article from being verifiable and neutral. (September 2022) |
ISO/IEC 27006 lays out formal requirements for accredited organizations which certify other organizations compliant with ISO/IEC 27001.
It effectively replaces EA 7/03 (Guidelines for the Accreditation of bodies operating certification/ registration of. Information Security Management Systems).
The standard helps ensure that ISO/IEC 27001 certificates issued by accredited organizations are meaningful and trustworthy, in other words it is a matter of assurance.