BS ISO/IEC 27013:2015
Withdrawn
Information technology. Security techniques. Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1
Hardcopy, PDF
English
12-31-2015
12-16-2021
Foreword
Introduction
1 Scope
2 Normative references
3 Terms, definitions and abbreviated terms
4 Overviews of ISO/IEC 27001 and ISO/IEC 20000-1
5 Approaches for integrated implementation
6 Integrated implementation considerations
Annex A (informative) - Correspondence between ISO/IEC 27001 and ISO/IEC 20000-1
Annex B (informative) - Comparison of ISO/IEC 27000 and ISO/IEC 20000-1 terms
Bibliography
Specifies guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 for those organizations which are intending to either: a) implement ISO/IEC 27001 when ISO/IEC 20000-1 is already implemented, or vice versa; b) implement both ISO/IEC 27001 and ISO/IEC 20000-1 together; c) integrate existing ISO/IEC 27001 and ISO/IEC 20000-1 management systems.
| Committee | IST/33/1 |
| DevelopmentNote | Supersedes 11/30207802 DC. (11/2012) Supersedes 15/30299325 DC. (12/2015) |
| DocumentType | Standard |
| Pages | 50 |
| PublisherName | British Standards Institution |
| Status | Withdrawn |
| SupersededBy | |
| Supersedes | |
This International Standard provides guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 for those organizations that are intending to either implement ISO/IEC 27001 when ISO/IEC 20000-1 is already implemented, or vice versa, implement both ISO/IEC 27001 and ISO/IEC 20000-1 together, or integrate existing management systems based on ISO/IEC 27001 and ISO/IEC 20000-1. This International Standard focuses exclusively on the integrated implementation of an information security management system (ISMS) as specified in ISO/IEC 27001 and a service management system (SMS) as specified in ISO/IEC 20000-1. In practice, ISO/IEC 27001 and ISO/IEC 20000-1 can also be integrated with other management system standards, such as ISO 9001 and ISO 14001.
| Standards | Relationship |
| ISO/IEC 27013:2015 | Identical |

| Standard | Title |
| BS 65000:2014 | Guidance on organizational resilience |
| ISO/IEC TR 20000-5:2013 | Information technology — Service management — Part 5: Exemplar implementation plan for ISO/IEC 20000-1 |
| ISO 19011:2011 | Guidelines for auditing management systems |
| ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
| ISO/IEC TR 90006:2013 | Information technology — Guidelines for the application of ISO 9001:2008 to IT service management and its integration with ISO/IEC 20000-1:2011 |
| ISO/IEC 27003:2017 | Information technology — Security techniques — Information security management systems — Guidance |
| ISO/IEC 27004:2016 | Information technology — Security techniques — Information security management — Monitoring, measurement, analysis and evaluation |
| ISO 31000:2009 | Risk management — Principles and guidelines |
| ISO/IEC 27006:2015 | Information technology — Security techniques — Requirements for bodies providing audit and certification of information security management systems |
| ISO/IEC 27014:2013 | Information technology — Security techniques — Governance of information security |
| ISO/IEC 27002:2013 | Information technology — Security techniques — Code of practice for information security controls |
| ISO/IEC TR 20000-9:2015 | Information technology — Service management — Part 9: Guidance on the application of ISO/IEC 20000-1 to cloud services |
| ISO/IEC TR 20000-4:2010 | Information technology — Service management — Part 4: Process reference model |
| ISO/IEC 27010:2015 | Information technology — Security techniques — Information security management for inter-sector and inter-organizational communications |
| ISO/IEC 20000-1:2011 | Information technology — Service management — Part 1: Service management system requirements |
| ISO/IEC 20000-2:2012 | Information technology — Service management — Part 2: Guidance on the application of service management systems |
| ISO/IEC 20000-3:2012 | Information technology — Service management — Part 3: Guidance on scope definition and applicability of ISO/IEC 20000-1 |
| ISO/IEC 27005:2011 | Information technology — Security techniques — Information security risk management |
| ISO 9000:2015 | Quality management systems — Fundamentals and vocabulary |
| ISO/IEC TR 27008:2011 | Information technology — Security techniques — Guidelines for auditors on information security controls |
| ISO/IEC TS 15504-8:2012 | Information technology — Process assessment — Part 8: An exemplar process assessment model for IT service management |
| ISO/IEC 27007:2017 | Information technology — Security techniques — Guidelines for information security management systems auditing |
| ISO/IEC 27000:2016 | Information technology — Security techniques — Information security management systems — Overview and vocabulary |
| ISO/IEC TR 20000-10:2015 | Information technology — Service management — Part 10: Concepts and terminology |
| ISO Guide 73:2009 | Risk management — Vocabulary |