ISO/IEC 27006:2015

Information technology — Security techniques — Requirements for bodies providing audit and certification of information security management systems

Publication date:   Sep 30, 2015

95.99 Withdrawal of Standard   Mar 1, 2024

General information

95.99 Withdrawal of Standard   Mar 1, 2024

ISO/IEC

ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection

International Standard

35.030   IT Security | 03.120.20   Product and company certification. Conformity assessment

Buying

  Withdrawn

PDF - €76.23

  English  



Buy

Scope

ISO/IEC 27006:2015 specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS), in addition to the requirements contained within ISO/IEC 17021‑1 and ISO/IEC 27001. It is primarily intended to support the accreditation of certification bodies providing ISMS certification.
The requirements contained in this International Standard need to be demonstrated in terms of competence and reliability by any body providing ISMS certification, and the guidance contained in this International Standard provides additional interpretation of these requirements for any body providing ISMS certification.
NOTE This International Standard can be used as a criteria document for accreditation, peer assessment or other audit processes.

Life cycle

PREVIOUSLY

WITHDRAWN
ISO/IEC 27006:2011

NOW

WITHDRAWN
ISO/IEC 27006:2015
95.99 Withdrawal of Standard
Mar 1, 2024

CORRIGENDA / AMENDMENTS

WITHDRAWN
ISO/IEC 27006:2015/Amd 1:2020

REVISED BY

PUBLISHED
ISO/IEC 27006-1:2024