标准摘要
[中文适用范围]: 本文件提供了管理信息安全管理系统(ISMS)审核计划的指导,进行审核的指导,以及ISMS审核员能力的指导,除了ISO 19011中包含的指导。 本文件适用于那些需要理解或进行ISMS的内部或外部审核,或管理ISMS审核计划的人员。 [外文原描述]: This document provides guidance on managing an information security management system (ISMS) audit programme, on conducting audits, and on the competence of ISMS auditors, in addition to the guidance contained in ISO 19011. This document is applicable to those needing to understand or conduct internal or external audits of an ISMS or to manage an ISMS audit programme.
英文名称Information security, cybersecurity and privacy protection - Guidelines for information security management systems auditing