The Inner Circle

  • 1.  ISO/IEC 27013:2021 Information security, cybersecurity and privacy protection - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

    Posted Dec 24, 2021 04:06:00 AM
    Hi All,

    ISO/IEC recently published: ISO/IEC 27013:2021 Information security, cybersecurity, and privacy protection - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

    This document gives guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 for organizations intending to:

    a) implement ISO/IEC 27001 when ISO/IEC 20000-1 is already implemented, or vice versa;

    b) implement both ISO/IEC 27001 and ISO/IEC 20000-1 together; or

    c) integrate existing management systems based on ISO/IEC 27001 and ISO/IEC 20000-1.

    This document focuses exclusively on the integrated implementation of an information security management system (ISMS) as specified in ISO/IEC 27001 and a service management system (SMS) as specified in ISO/IEC 20000-1.

    You can purchase this standard here: https://www.iso.org/standard/78752.html

    You can preview this standard here: https://www.iso.org/obp/ui/#iso:std:iso-iec:27013:ed-3:v1:en

    ------------------------------
    Michael Roza CPA, CISA, CIA, MBA, Exec MBA
    ------------------------------


  • 2.  RE: ISO/IEC 27013:2021 Information security, cybersecurity and privacy protection - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

    Posted Dec 28, 2021 12:18:00 PM

    You have been invited to this event.

    Re: ISO/IEC 27013:2021 Information security, cybersecurity and privacy protection - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

    When
    Tue 28 Dec 2021 2am – 3am Malaysia Time - Kuala Lumpur
    Calendar
    Attendees
    [email protected] - organizer
    Your attendance is optional.





    Attachment(s)

    ics
    invite.ics   2 KB 1 version


  • 3.  RE: ISO/IEC 27013:2021 Information security, cybersecurity and privacy protection - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

    Posted Jan 07, 2022 10:35:00 AM
    Does anyone know how this differs from ISO/IEC 20000-7?

    https://www.iso.org/standard/76542.html

    On the surface it looks the same...

    ------------------------------
    Zbyszek K-M
    Security Admin
    Exea
    ------------------------------



  • 4.  RE: ISO/IEC 27013:2021 Information security, cybersecurity and privacy protection - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

    Posted Jan 10, 2022 09:13:00 AM

    ISO/IEC TR 20000-7:2019:

    This document provides guidance on the integrated implementation of a service management system (SMS) as specified in ISO/IEC 20000-1 with a quality management system (QMS) as specified in ISO 9001 and an information security management system (ISMS)

    SMS + QMS + ISMS

    ISO/IEC 27013:2021:
    This document gives guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 

    ISMS + SMS



    ------------------------------
    Muralidaran R
    HCL Technologies
    ------------------------------



  • 5.  RE: ISO/IEC 27013:2021 Information security, cybersecurity and privacy protection - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

    Posted Jan 10, 2022 09:13:00 AM
    20000-7 = SMS + QMS + ISMS
    27013:2021 = SMS + ISMS


    ------------------------------
    Muralidaran R
    HCL Technologies
    ------------------------------



  • 6.  RE: ISO/IEC 27013:2021 Information security, cybersecurity and privacy protection - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

    Posted Jan 10, 2022 11:06:00 AM
    20000-Part 7: Is Guidance on the integration and correlation of ISO/IEC 20000-1:2018 to ISO 9001:2015 and ISO/IEC 27001:2013

    27013 focuses exclusively on the integrated implementation of an information security management system (ISMS) as specified in ISO/IEC 27001 and a service management system (SMS) as specified in ISO/IEC 20000-1.

    Now the process followed for integrated management systems is generally the same, in these cases, 20k part 7 includes the quality management system as well.

    You may want to read the IAF MD-11 Document IAF MANDATORY DOCUMENT FOR THE APPLICATION OF ISO/IEC 17021 FOR AUDITS OF INTEGRATED MANAGEMENT SYSTEMS.

    This provides more details on the requirements of an integrated MS and how they will be audited.
    John A DiMaria; CSSBB, AMBCI, HISP, MHISP, CERP
    Assurance Investigatory Fellow
    Cloud Security Alliance
    m:+1 314 374-9752