21/30398709 DC BS ISO/IEC 27013. Information security, cybersecurity and privacy protection. Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1
Language: English
Standard number: 21/30398709 DC
Pages: 63
Released: 2020-12-21
Status: Draft for Comment
DESCRIPTION

This standard 21/30398709 DC BS ISO/IEC 27013. Information security, cybersecurity and privacy protection. Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 is classified in these ICS categories:
  • 03.100.70 Management systems
  • 35.030 IT Security
  • 35.020 Information technology (IT) in general
  • 03.080.99 Other services

This document provides guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 for those organizations that are intending to either

  1. implement ISO/IEC 27001 when ISO/IEC 20000-1 is already implemented, or vice versa,

  2. implement both ISO/IEC 27001 and ISO/IEC 20000-1 together, or

  3. integrate existing management systems based on ISO/IEC 27001 and ISO/IEC 20000-1.

This document focuses exclusively on the integrated implementation of an information security management system (ISMS) as specified in ISO/IEC 27001 and a service management system (SMS) as specified in ISO/IEC 20000-1. In practice, ISO/IEC 27001 and ISO/IEC 20000-1 can also be integrated with other management system standards, such as ISO 9001 and ISO 14001.

Annex A of this document provides a comparison of content at a clause level between ISO/IEC 27001 and ISO/IEC 20000-1.

Annex B of this document provides a comparison of topics between the requirements specified in ISO/IEC 20000-1 and the controls in ISO/IEC 27001, Annex A.

Annex C of this document provides a comparison of:

  • terms defined in ISO/IEC 27000, the glossary for the ISO/IEC 27000 family of standards;

  • terms defined or used in ISO/IEC 20000-1.


This product includes: