ISO/IEC 27001 2013 and ISO/IEC 27002 2013 Standards
The 2013 version of the international standard for information security management systems (ISMSs).
The 2022 version of ISO 27002 is now available and can be purchased separately here.
Please be aware that the international standard for 27001 is still the 2013 version. Some suppliers have republished country-specific versions of ISO 27001 (labelled ISO 27001:2017), which include additional corrigenda that were released after the 2013 publication date. These corrigenda are freely available from the ISO website for those who purchased the original version. They are also supplied by IT Governance when you purchase this standard.
Cyber security is an understandable concern for any organisation, but an effective information security management system (ISMS) can significantly reduce an organisation's exposure to security breaches.
If you are implementing or thinking about implementing an ISMS, you need both of these standards as your principal point of reference. ISO27001 is the only security Standard that takes an integrated approach to information security, addressing the three essential facets of cyber security (people, processes and technology) in a single cohesive strategy. With the 2013 version, implementation has never been easier.
For more guidance on ISO27001, visit our information page.
Please note that two Technical Corrigenda have been issued since ISO/IEC 27001:2013 was published. These can be downloaded free of charge direct from ISO via the following links: