ISO 27011:2016 for Telecommunications Organizations

ISO 27011:2016, Information technology – Security techniques – Code of practice for Information security controls based on ISO 27002 for telecommunications organizations, is available.

The revised standard defines guidelines for supporting the implementation of information security controls in telecommunications organizations.

It will allow telecommunications organizations to meet baseline information security management requirements of confidentiality, integrity, availability, and any other relevant security properties.

The 31-page ISO 27011:2016 standard can be purchased at this ISO web page for about $140.

ISO 27011:2016 Outline:

1. Scope
2. Normative references
3. Terms and definitions
4. Overview
5. Information security practices
6. Organization of information security
7. Human resource security
8. Asset management
9. Access control
10. Cryptography
11. Physical and environmental security
12. Operations security
13. Communications security
14. System acquisition, development, and maintenance
15. Supplier relationships
16. Information security incident management
17. Information security aspects of business continuity
18. Compliance

