Skip to content
Please enter a keyword to search

  • BS ISO/IEC 27013:2015

    View superseded by
    Withdrawn A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.
    View superseded by

    Information technology. Security techniques. Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

    Available format(s):  Hardcopy, PDF

    Withdrawn date:  16-12-2021

    Language(s):  English

    Published date:  31-12-2015

    Publisher:  British Standards Institution

    Add To Cart

    Table of Contents - (Show below) - (Hide below)

    Foreword
    Introduction
    1 Scope
    2 Normative references
    3 Terms, definitions and abbreviated terms
    4 Overviews of ISO/IEC 27001 and ISO/IEC 20000-1
    5 Approaches for integrated implementation
    6 Integrated implementation considerations
    Annex A (informative) - Correspondence between
            ISO/IEC 27001 and ISO/IEC 20000-1
    Annex B (informative) - Comparison of ISO/IEC 27000
            and ISO/IEC 20000-1 terms
    Bibliography

    Abstract - (Show below) - (Hide below)

    Specifies guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 for those organizations which are intending to either: a) implement ISO/IEC 27001 when ISO/IEC 20000-1 is already implemented, or vice versa; b) implement both ISO/IEC 27001 and ISO/IEC 20000-1 together; c) integrate existing ISO/IEC 27001 and ISO/IEC 20000-1 management systems.

    Scope - (Show below) - (Hide below)

    This International Standard provides guidance on the integrated implementation of ISO/IEC27001 and ISO/IEC20000‑1 for those organizations that are intending to either implement ISO/IEC27001 when ISO/IEC20000‑1 is already implemented, or vice versa, implement both ISO/IEC27001 and ISO/IEC20000‑1 together, or integrate existing management systems based on ISO/IEC27001 and ISO/IEC20000‑1 . This International Standard focuses exclusively on the integrated implementation of an information security management system (ISMS) as specified in ISO/IEC27001 and a service management system (SMS) as specified in ISO/IEC20000‑1 . In practice, ISO/IEC27001 and ISO/IEC20000‑1 can also be integrated with other management system standards, such as ISO9001 and ISO14001 .

    General Product Information - (Show below) - (Hide below)

    Committee IST/33/1
    Development Note Supersedes 11/30207802 DC. (11/2012) Supersedes 15/30299325 DC. (12/2015)
    Document Type Standard
    Publisher British Standards Institution
    Status Withdrawn
    Superseded By
    Supersedes

    Standards Referencing This Book - (Show below) - (Hide below)

    ISO/IEC TR 20000-5:2013 Information technology Service management Part 5: Exemplar implementation plan for ISO/IEC 20000-1
    ISO 19011:2011 Guidelines for auditing management systems
    ISO/IEC 27001:2013 Information technology — Security techniques — Information security management systems — Requirements
    ISO/IEC TR 90006:2013 Information technology Guidelines for the application of ISO 9001:2008 to IT service management and its integration with ISO/IEC 20000-1:2011
    ISO/IEC 27003:2017 Information technology — Security techniques — Information security management systems — Guidance
    ISO/IEC 27004:2016 Information technology — Security techniques — Information security management — Monitoring, measurement, analysis and evaluation
    ISO 31000:2009 Risk management Principles and guidelines
    ISO/IEC 27006:2015 Information technology — Security techniques — Requirements for bodies providing audit and certification of information security management systems
    ISO/IEC 27014:2013 Information technology Security techniques Governance of information security
    ISO/IEC 27002:2013 Information technology Security techniques Code of practice for information security controls
    ISO/IEC TR 20000-9:2015 Information technology Service management Part 9: Guidance on the application of ISO/IEC 20000-1 to cloud services
    ISO/IEC TR 20000-4:2010 Information technology Service management Part 4: Process reference model
    ISO/IEC 27010:2015 Information technology Security techniques Information security management for inter-sector and inter-organizational communications
    ISO/IEC 20000-1:2011 Information technology Service management Part 1: Service management system requirements
    ISO/IEC 20000-2:2012 Information technology Service management Part 2: Guidance on the application of service management systems
    ISO/IEC 20000-3:2012 Information technology Service management Part 3: Guidance on scope definition and applicability of ISO/IEC 20000-1
    ISO/IEC 27005:2011 Information technology Security techniques Information security risk management
    ISO 9000:2015 Quality management systems — Fundamentals and vocabulary
    ISO/IEC TR 27008:2011 Information technology Security techniques Guidelines for auditors on information security controls
    ISO/IEC TS 15504-8:2012 Information technology Process assessment Part 8: An exemplar process assessment model for IT service management
    ISO/IEC 27007:2017 Information technology Security techniques Guidelines for information security management systems auditing
    ISO/IEC 27000:2016 Information technology Security techniques Information security management systems Overview and vocabulary
    ISO/IEC TR 20000-10:2015 Information technology Service management Part 10: Concepts and terminology
    ISO Guide 73:2009 Risk management — Vocabulary
    View more information

    • Access your standards online with a subscription

      Features

      • Simple online access to standards, technical information and regulations
      • Critical updates of standards and customisable alerts and notifications
      • Multi - user online standards collection: secure, flexibile and cost effective