2010.11.12 03:44:08
ISO/IEC 27001, part of the growing ISO/IEC 27000 family of standards, is an Information Security Management System (ISMS) standard published in October 2005 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Its full name is "ISO/IEC 27001:2005 - Information technology -- Security techniques -- Information security management systems -- Requirements", but it is commonly known as "ISO 27001".
ISO/IEC 27001 formally specifies a management system that is intended to bring information security under explicit management control. Being a formal specification means that it mandates specific requirements. Organizations that claim to have adopted ISO/IEC 27001 can therefore be formally audited and certified compliant with the standard (more below).
Most organizations have a number of information security controls. Without an ISMS, however, the controls tend to be somewhat disorganized and disjointed, often having been implemented as point solutions to specific situations or simply as a matter of convention. Maturity models typically refer to this stage as "ad hoc". The security controls in operation typically address certain aspects of IT or data security specifically, leaving non-IT information assets (such as paperwork and proprietary knowledge) less well protected on the whole. Business continuity planning and physical security, for example, may be managed quite independently of IT or information security, while Human Resources practices may make little reference to the need to define and assign information security roles and responsibilities throughout the organization.