ISO/IEC 27001 2013 (ISO27001 ISO 27001) ISMS Requirements (PDF)

Order your copy of ISO/IEC 27001:2013 as a PDF!

Order your copy of ISO/IEC 27001:2013 from IT Governance in the PDF format for immediate download!

Price: R 1 600,00 (ZAR) 


ISO/IEC 27001:2013 (ISO27001 ISO 27001) ISMS Requirements

Order your copy of ISO/IEC 27001:2013 from IT Governance as a PDF. Order a copy of the new (September 2013) International Standard for information security - an essential purchase.

The official title for this document is ISO/IEC 27001:2013 (Information technology - Security techniques - Information Security Management Systems - Requirements).

Buy this standard with its sister standard ISO/IEC 27002:2013 together in one kit.

What is ISO 27001?

The 2013 edition of ISO/IEC 27001 is substantially different to the 2005 edition of the standard. The 2013 edition of the standard has been developed using Annex SL, part of a document published by ISO which provides a common approach and structure for management system standards. Since ISO/IEC 27001:2013 adopts Annex SL it more easily lends itself to integration with other management system standards.

Whereas the 2005 edition of the standard specified the Plan-Do-Check-Act (PDCA) cycle as the method for developing and continually improving an ISMS, the 2013 edition does not mandate this approach. Instead the 2013 edition of the standard allows you to use either PDCA or other approaches.

The terms and definitions that appeared in the 2005 edition of the standard have now been removed, and instead ISO/IEC 27000:2012 is referenced as the source for terms and definitions. The terminology in the standard has been updated. There is an increased focus on setting objectives, assessing performance and metrics in ISO/IEC 27001:2013. Additionally, the risk assessment requirements in the standard are less prescriptive and are aligned with ISO 31000 - the International Standard for risk management.

The requirements for management commitment have been overhauled and are largely contained in the Leadership clause. Furthermore, the requirements for a statement of applicability in the 2013 edition have been enhanced, and the risk treatment process makes it easier to adopt control frameworks other than Annex A.

Finally, Annex B has been deleted, and Annex A has also been revised and restructured. There are now 114 controls under 14 categories as opposed to the 133 under 11 headings in the 2005 edition of the standard.

ISO/IEC 27001:2013:

  • Is the new standard (autumn 2013) detailing the requirements for an information security management system. By implementing an ISMS your organisation can improve the state of information security in the organisation.
  • Has been written using Annex SL which provides a common structure for management system standards. By following this structure the standard enables organisations to take an integrated approach to management system implementation, eliminating unnecessary duplicate processes.
  • Has been updated to reflect the latest in international best practice for information security, meaning it is bang up to date!

Purchase and use of the PDF version of this product is subject to this EULA.



Please note that two Technical Corrigenda have been issued since ISO/IEC 27001:2013 was published. These can be downloaded free of charge direct from ISO via the following links:

Technical Corrigendum 1 (ISO/IEC 27001:2013/Cor.1:2014)

Technical Corrigendum 2 (ISO/IEC 27001:2013/Cor.2:2015)


Publisher: ISO/IEC
Pages: 23
Format: PDF
Published Date: 25 September 2013
Availability: Always Available

Order this essential standard!
