AS ISO/IEC 27013:2017 PDF

AS ISO/IEC 27013:2017 PDF

Adopts ISO/IEC 27013:2015 to provide guidance to organizations on the integrated implementation of ISO/IEC27001 and ISO/IEC20000-1.

This Standard is identical with, and has been reproduced from ISO/IEC 27013:2015, Information technology—Security techniques—Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1.

The relationship between information security management and service management is so close that many organizations already recognise the benefits of adopting the two International Standards for these domains: ISO/IEC 27001 for information security management and ISO/IEC 20000-1 for service management. It is common for an organization to improve the way it operates to achieve conformity with the requirements specified in one of these International Standards and then make further improvements to achieve conformity with the requirements of the other.

There are a number of advantages in implementing an integrated management system that takes into account not only the services provided but also the protection of information. These benefits can be experienced whether one International Standard is implemented before the other, or both International Standards are implemented simultaneously. Management and organizational processes, in particular, can derive benefit from the mutually reinforcing concepts and similarities between these International Standards and their common objectives.