Skip to main content
Back

ISO/IEC TR 27008:2011

Information technology -- Security techniques -- Guidelines for auditors on information security controls

General information

Withdrawn from 14.01.2019
Directives or regulations
None

Standard history

Status
Date
Type
Name
14.01.2019
Main
06.10.2011
Main
ISO/IEC TR 27008:2011 provides guidance on reviewing the implementation and operation of controls, including technical compliance checking of information system controls, in compliance with an organization's established information security standards.
ISO/IEC TR 27008:2011 is applicable to all types and sizes of organizations, including public and private companies, government entities, and not-for-profit organizations conducting information security reviews and technical compliance checks. It is not intended for management systems audits.

Required fields are indicated with *

*
*
*
PDF
82.61 € incl tax
Paper
82.61 € incl tax
Standard monitoring

Customers who bought this item also bought

Main

EVS-ISO/IEC 27003:2011

Information technology - Security techniques - Information security management system implementation guidance
Withdrawn from 03.05.2021
Main

ISO/IEC 27006:2015

Information technology -- Security techniques -- Requirements for bodies providing audit and certification of information security management systems
Withdrawn from 01.03.2024
Main

ISO/IEC 27004:2016

Information technology -- Security techniques -- Information security management -- Monitoring, measurement, analysis and evaluation
Newest version Valid from 15.12.2016
Main

ISO/IEC 27017:2015

Information technology -- Security techniques -- Code of practice for information security controls based on ISO/IEC 27002 for cloud services
Newest version Valid from 30.11.2015