标准摘要
[中文适用范围]: 包括但不限于信息安全管理的实施、改进和认证过程。 ***此介绍可能不准确,请注意参考原文。 [外文原描述]: ISO/IEC 27007 provides guidance on managing an information security management system (ISMS) audit programme, on conducting audits, and on the competence of ISMS auditors, in addition to the guidance contained in ISO 19011:2011. ISO/IEC 27007 is applicable to those needing to understand or conduct internal or external audits of an ISMS or to manage an ISMS audit programme.
英文名称Information technology - Security techniques - Guidelines for information security management systems auditing