EN ISO/IEC 27006:2020

Information technology - Security techniques - Requirements for bodies providing audit and certification of information security management systems (ISO/IEC 27006:2015, including Amd 1:2020) EN ISO/IEC 27006:2020

General information

Current stage: 99.60 Withdrawal effective Mar 13, 2024

Originator: CEN/CENELEC

Owner: CEN/CLC/JTC 13 Cybersecurity and Data Protection

Type: European Norm

ICS: 03.120.20 Product and company certification. Conformity assessment | 35.030 IT Security

Scope

ISO/IEC 27006:2015 specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS), in addition to the requirements contained within ISO/IEC 17021‑1 and ISO/IEC 27001. It is primarily intended to support the accreditation of certification bodies providing ISMS certification.
The requirements contained in this International Standard need to be demonstrated in terms of competence and reliability by any body providing ISMS certification, and the guidance contained in this International Standard provides additional interpretation of these requirements for any body providing ISMS certification.
NOTE This International Standard can be used as a criteria document for accreditation, peer assessment or other audit processes.

Life cycle

NOW

WITHDRAWN
EN ISO/IEC 27006:2020
99.60 Withdrawal effective
Mar 13, 2024

REVISED BY

PUBLISHED
EN ISO/IEC 27006-1:2024

EN ISO/IEC 27006:2020

Information technology - Security techniques - Requirements for bodies providing audit and certification of information security management systems (ISO/IEC 27006:2015, including Amd 1:2020) EN ISO/IEC 27006:2020

General information

Scope

Life cycle

NOW

REVISED BY

Relations

Adopted from ISO/IEC 27006:2015 IDENTICAL