ISO/IEC 27007: 2011 Information technology - Security techniques - Guidelines for information security management systems auditing

The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). First edition. 2011-11-15. 37p. This International Standard provides guidance on managing an information security management system (ISMS) audit programme, on conducting the audits, and on the competence of ISMS auditors, in addition to the guidance contained in ISO 19011