ISO27k-aligned security awareness service
ISO27k & ISMS resources
Creative security awareness materials

Creative security awareness materials for your ISMS

Sources of the ISO27k standards themselves

  • Several vendors are licensed to sell the ISO/IEC standards so shop around for the best deals.
  • National standards bodies often offer translated versions of the ISO/IEC standards in their own languages. They all go to great lengths to ensure that the translations remain true to the original ... but that process takes time so national versions are often named with later years than the ISO/IEC versions.

Further info on the ISO27k standards & their implementation

  • Recommended resource If you are actively implementing the ISO27k standards, you are welcome to join the ISO27k Forum to discuss the practicalities with others doing the same thing. The international community offers free advice, giving you the benefit of our collective experience in this field. Your thoughts and inputs are most welcome too, including queries, comments, contentious points to discuss, and feedback or improvement suggestions for this website and the ISO27k Toolkit.
  • is “el portal de ISO 27000 en Espagñol”, the Spanish language equivalent to this site, while is the Russian version.
  • Comunidade Portuguesa de Segurança da Informação is a Portuguese community for those interested in implementing ISO27k information security management systems (mainly in Portuguese but with some good papers also in English).
  • Recommended resource IsecT Ltd., the owner of this website, offers an innovative ISO27k-aligned information security awareness subscription service (NoticeBored), plus consultancy and training on ISO27k, security awareness, security metrics, GRC and moreTrack our blog to keep up with our research interests and latest infosec products.
  • ISO” is not actually an acronym but the official name of the Swiss organization responsible for coordinating the world’s national standards bodies. Joint Technical Committee 1 (JTC1) looks after ISO’s IT standards while JTC1 Sub Committee 27 (JTC1/SC 27) is specifically responsible for the standards covering IT security techniques. JTC1/SC 27 is busy with lots of security papers currently under consideration for encryption, privacy and identity management as well as ISO27k.

Copyright © 2019 IsecT Ltd.