ISO/IEC 27006-1:2024 信息安全、网络安全和隐私保护 对信息安全管理体系提供审核和认证的机构的要求 第1部分：总则

标准编号：ISO/IEC 27006-1:2024

中文名称：信息安全、网络安全和隐私保护 对信息安全管理体系提供审核和认证的机构的要求 第1部分：总则

英文名称：Information security, cybersecurity and privacy protection — Requirements for bodies providing audit and certification of information security management systems — Part 1: General

发布日期：2024-03

标准范围

ISO/IEC 27006-1:20 24除了ISO/IEC 17021-1中包含的要求之外，本文件还为提供信息安全管理体系(ISMS)审核和认证的机构规定了要求并提供了指导。提供ISMS认证的机构在能力和可靠性方面证明了本文件中包含的要求。本文件中包含的指南为提供ISMS认证的机构提供了对这些要求的额外解释。注:本文件可用作认证、同行评估或其他审核流程的标准文件。

ISO/IEC 27006-1:2024 This document specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS), in addition to the requirements contained within ISO/IEC 17021-1.
The requirements contained in this document are demonstrated in terms of competence and reliability by bodies providing ISMS certification. The guidance contained in this document provides additional interpretation of these requirements for bodies providing ISMS certification.
NOTE This document can be used as a criteria document for accreditation, peer assessment or other audit processes.

标准预览图