British Standards contain the combined knowledge of experienced UK subject experts often working together with their international colleagues in an open, consensus-based process.
You can read a description of these standards and some other relevant publications that are available from BSI or other organizations below:
Standard number/name | Description/Benefits | Published by |
BS ISO IEC 27001:2013 Information technology. Security techniques. Information security management systems. Requirements | BS ISO/IEC 27001 is the most widely used standard for cyber security certification. | BSI |
BS ISO IEC 27004 Information security management. Measurement | If you plan to audit an ISMS based on BS ISO/IEC 27001, BS ISO IEC 27004 can help you measure the effectiveness of your management system. | BSI |
PD ISO/IEC TR 27008 Guidelines for auditors on information security controls | PD ISO/IEC TR 27008 will help you audit your security controls. | BSI |
BS ISO/IEC 27007 Guidelines for information security management systems auditing | Professional auditors use BS ISO/IEC 27007 as guidance when auditing an ISMS against BS ISO/IEC 27001. | BSI |
BS ISO/IEC 27006 Requirements for bodies providing audit and certification of information security management systems | Certification bodies must meet the requirements in BS ISO/IEC 27006 if they are to issue internationally recognised ISMS certificates. | BSI |
BIP 0071 Guidelines on Requirements and Preparation for ISMS Certification based on ISO/IEC 27001 | BSI books will also help, including Guidelines on Requirements and Preparation for ISMS Certification based on ISO/IEC 27001, which can help you prepare your ISMS for auditing. | BSI |
BIP 0072 Are you ready for an ISMS Audit based on ISO/IEC 27001? | This book could help you to avoid failing an external audit. | BSI |
BIP 0073 Guide to the Implementation and Auditing of ISMS Controls based on ISO/IEC 27001 | This book will help you audit yourself and understand what external auditors look for. | BSI |
BIS/14/697 Cyber Essentials Scheme: Assurance Framework | Describes the Cyber Essentials scheme certification processes. | BIS |