ISO/IEC JTC 1/SC27 N6216 ISO/IEC JTC 1/SC 27/WG1 N16216 REPLACES: N5853 1 2 3 ISO/IEC JTC 1/SC 27 4 Information technology - Security techniques 5 Secretariat: DIN, Germany 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 DOC TYPE: Text for Working Draft TITLE: Text for ISO/IEC 5th WD 27003 - Information technology -Security techniques -- Information security management system implementation guidance SOURCE: Project Editors (J. Branzell, U. Chandrashekhar, O. Weissmann, S. Yamasaki) DATE: 2008-03-06 PROJECT: 27003 STATUS: In accordance with resolution 4 (see SC 27 N6306) of the 35th SC27 WG1 Plenary Meeting held in Luzerne (October 2007), this document is being circulated by the convener to the experts of WG1 for PREPARATION of the next WG1 Meeting in Kyoto April 2008. PLEASE NOTE: For comments please use THE SC 27 TEMPLATE separately attached to this document. ACTION: COM DUE DATE: DISTRIBUTION: P-, O- and L-Members W. Fumy, SC 27 Chairman M. De Soete, SC 27 Vice-Chair T. Humphreys, K. Naemura, M. Ohlin, M.-C. Kang, K. Rannenberg, WG-Conveners MEDIUM: Livelink-server NO. OF PAGES: 1+112 ISO/IEC 2008 – All Rights Reserved 1 1 2 ISO/IEC TC JTC 1/SC 27 N 3 4 6216 Working Date: 2008-03-06 5 6 ISO/IEC WD 27003 7 ISO/IEC TC JTC 1/SC 27/WG 1 8 9 10 Secretariat: DIN Information technology — Security techniqes — Information security management system implementation guidance 11 12 13 Warning 14 15 This document is not an ISO International Standard. It is distributed for review and comment. It is subject to change without notice and may not be referred to as an International Standard. 16 17 Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which they are aware and to provide supporting documentation. 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 ISO/IEC 2008 – All Rights Reserved 2 1 2 3 4 Copyright notice 5 6 7 8 9 10 This ISO document is a working draft or committee draft and is copyright-protected by ISO. While the reproduction of working drafts or committee drafts in any form for use by participants in the ISO standards development process is permitted without prior permission from ISO, neither this document nor any extract from it may be reproduced, stored or transmitted in any form for any other purpose without prior written permission from ISO. 11 12 13 14 15 Requests for permission to reproduce this document for the purpose of selling it should be addressed as shown below or to ISO's member body in the country of the requester: 16 Reproduction for sales purposes may be subject to royalty payments or a licensing agreement. 17 Violators may be prosecuted. [Indicate the full address, telephone number, fax number, telex number, and electronic mail address, as appropriate, of the Copyright Manger of the ISO member body responsible for the secretariat of the TC or SC within the framework of which the working document has been prepared.] ISO/IEC 2008 – All Rights Reserved 3 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 Contents 1  2  3  4  4.1  4.1.1  4.1.2  4.2  4.3  4.3.1  4.3.2  4.3.3  5  5.1  5.2  5.3  5.4  5.5  5.6  6  6.1  6.2  6.3  6.4  6.5  7  7.1  7.2  7.3  8  8.1  8.2  8.3  8.4  9  9.1  9.1.1  9.1.2  9.1.3  9.1.4  9.1.5  9.2  9.2.1  9.2.2  9.3  9.3.1  9.3.2  Page Scope..................................................................................................................... 8  Normative References........................................................................................... 8  Terms and definitions ........................................................................................... 8  Overview............................................................................................................... 8  Diagrams............................................................................................................... 8  Diagram legend..................................................................................................... 8  Disposition and diagrams...................................................................................... 9  The overall implementation diagram of ISMS ................................................... 10  General Information................................