Taiwan Provincial Standard of the People's Republic of China
Latest
CNS 27001-2007
Scope
1.1 Overview This standard covers all types of organizations (e.g., commercial enterprises, government agencies, and not-for-profit organizations). This standard specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented ISMS within the organization's overall operational risk landscape. It stipulates implementation requirements for security control measures tailored to the needs of individual organizations or parts of units. The ISMS system is designed to ensure
CNS 27001-2007 history
2007CNS 27001-2007 Information technology - Security techniques - Information security management systems - Requirements