BS ISO/IEC 27013:2015
Withdrawn
A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.
View Superseded by
Information technology. Security techniques. Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1
Hardcopy , PDF
16-12-2021
English
31-12-2015
Important note : Users cannot be edited or removed once added to your Multi user PDF.
Foreword
Introduction
1 Scope
2 Normative references
3 Terms, definitions and abbreviated terms
4 Overviews of ISO/IEC 27001 and ISO/IEC 20000-1
5 Approaches for integrated implementation
6 Integrated implementation considerations
Annex A (informative) - Correspondence between
ISO/IEC 27001 and ISO/IEC 20000-1
Annex B (informative) - Comparison of ISO/IEC 27000
and ISO/IEC 20000-1 terms
Bibliography
Specifies guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 for those organizations which are intending to either: a) implement ISO/IEC 27001 when ISO/IEC 20000-1 is already implemented, or vice versa; b) implement both ISO/IEC 27001 and ISO/IEC 20000-1 together; c) integrate existing ISO/IEC 27001 and ISO/IEC 20000-1 management systems.
| Committee |
IST/33/1
|
| DevelopmentNote |
Supersedes 11/30207802 DC. (11/2012) Supersedes 15/30299325 DC. (12/2015)
|
| DocumentType |
Standard
|
| Pages |
50
|
| PublisherName |
British Standards Institution
|
| Status |
Withdrawn
|
| SupersededBy | |
| Supersedes |
This International Standard provides guidance on the integrated implementation of ISO/IEC27001 and ISO/IEC20000‑1 for those organizations that are intending to either implement ISO/IEC27001 when ISO/IEC20000‑1 is already implemented, or vice versa, implement both ISO/IEC27001 and ISO/IEC20000‑1 together, or integrate existing management systems based on ISO/IEC27001 and ISO/IEC20000‑1 . This International Standard focuses exclusively on the integrated implementation of an information security management system (ISMS) as specified in ISO/IEC27001 and a service management system (SMS) as specified in ISO/IEC20000‑1 . In practice, ISO/IEC27001 and ISO/IEC20000‑1 can also be integrated with other management system standards, such as ISO9001 and ISO14001 .
| Standards | Relationship |
| ISO/IEC 27013:2015 | Identical |
| BS 65000:2014 | Guidance on organizational resilience |
| ISO/IEC TR 20000-5:2013 | Information technology Service management Part 5: Exemplar implementation plan for ISO/IEC 20000-1 |
| ISO 19011:2011 | Guidelines for auditing management systems |
| ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
| ISO/IEC TR 90006:2013 | Information technology Guidelines for the application of ISO 9001:2008 to IT service management and its integration with ISO/IEC 20000-1:2011 |
| ISO/IEC 27003:2017 | Information technology — Security techniques — Information security management systems — Guidance |
| ISO/IEC 27004:2016 | Information technology — Security techniques — Information security management — Monitoring, measurement, analysis and evaluation |
| ISO 31000:2009 | Risk management Principles and guidelines |
| ISO/IEC 27006:2015 | Information technology — Security techniques — Requirements for bodies providing audit and certification of information security management systems |
| ISO/IEC 27014:2013 | Information technology Security techniques Governance of information security |
| ISO/IEC 27002:2013 | Information technology Security techniques Code of practice for information security controls |
| ISO/IEC TR 20000-9:2015 | Information technology Service management Part 9: Guidance on the application of ISO/IEC 20000-1 to cloud services |
| ISO/IEC TR 20000-4:2010 | Information technology Service management Part 4: Process reference model |
| ISO/IEC 27010:2015 | Information technology Security techniques Information security management for inter-sector and inter-organizational communications |
| ISO/IEC 20000-1:2011 | Information technology Service management Part 1: Service management system requirements |
| ISO/IEC 20000-2:2012 | Information technology Service management Part 2: Guidance on the application of service management systems |
| ISO/IEC 20000-3:2012 | Information technology Service management Part 3: Guidance on scope definition and applicability of ISO/IEC 20000-1 |
| ISO/IEC 27005:2011 | Information technology Security techniques Information security risk management |
| ISO 9000:2015 | Quality management systems — Fundamentals and vocabulary |
| ISO/IEC TR 27008:2011 | Information technology Security techniques Guidelines for auditors on information security controls |
| ISO/IEC TS 15504-8:2012 | Information technology Process assessment Part 8: An exemplar process assessment model for IT service management |
| ISO/IEC 27007:2017 | Information technology Security techniques Guidelines for information security management systems auditing |
| ISO/IEC 27000:2016 | Information technology Security techniques Information security management systems Overview and vocabulary |
| ISO/IEC TR 20000-10:2015 | Information technology Service management Part 10: Concepts and terminology |
| ISO Guide 73:2009 | Risk management — Vocabulary |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.