SR EN ISO/IEC 27001:2023

Information security, cybersecurity and privacy protection - Information security management systems - Requirements (ISO/IEC 27001:2022)

This document specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. This document also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in this document are generic and are intended to be applicable to all organizations, regardless of type, size or nature.

Add to cart

General information

Status : Valid
Approval date : 8/31/2023
Number of pages : 28
ICS : 03.100.70 Management systems,35.030 IT Security
Technical Committee : 208 - IT security techniques

Relations with other standards:

Replaces SR EN ISO/IEC 27001:2018
Normative reference SR EN ISO/IEC 27000:2020
Amended by SR EN ISO/IEC 27001:2023/A1:2024