The latest version of ISO/IEC 27006 was published on 1 December 2011. This International Standard specifies the requirements and provides guidance for certification bodies providing audit and certification of an information security management system (ISMS).
It supplements the requirements contained within ISO/IEC 17021 and ISO/IEC 27001, and is primarily intended to support the accreditation of certification bodies providing ISMS certification.
The requirements contained in ISO/IEC 27006:2011 need to be demonstrated in terms of competence and reliability by any certification body providing ISMS certification, and the guidance contained in ISO/IEC 27006:2011 provides additional interpretation of these requirements for any body providing ISMS certification.
For more information and a copy of ISO/IEC 27006:2011, please see http://bit.ly/wkArtY