Home :: News

News

ISO 27000

ISO /IEC 27001:2005, Information technology – Security techniques – Information security management systems – Requirements, specifies the processes to enable a business to establish, implement, review and monitor, manage and maintain an effective ISMS.

ISO/IEC 27001:2005 integrates the process-based approach of ISO's management system standards – ISO 9001:2000 and ISO 14001:2004 – including the Plan-Do-Check-Act (PDCA) cycle and requirement for continual improvement.

The new standard forms a complementary pair with the recently published ISO/IEC 17799:2005 "code of practice" on information security management.

Organizations that so wish can have their information security management systems independently certified as conforming to the requirements of ISO/IEC 27001:2005, although certification is not a requirement of the standard.

Up to now, organizations that wished to have their ISMS certified have done so in conformity with the British Standard BS 7799 Part 2. This is now possible against ISO/IEC 27001:2005, which is an International Standard.

ISO 20000

ISO/IEC 20000 integrates the process-based approach of ISO's management system standards – ISO 9001:2000 and ISO 14001:2004 – including the Plan-Do-Check-Act (PDCA) cycle and requirement for continual improvement.

Organizations that so wish can have their IT service management systems independently certified as conforming to the requirements of ISO/IEC 20000.

The new standard is based on the British Standard BS 15000 and is integrated into ISO and IEC collection of software and systems engineering standards.

ISO 22000

ISO 22000, backed by international consensus, harmonizes the requirements for systematically managing safety in food supply chains and offers a unique solution for good practice on a worldwide basis. In addition, food safety management systems that conform to ISO 22000 can be certified – which answers the growing demand in the food sector for the certification of suppliers – although the standard can be implemented without certification of conformity, solely for the benefits it provides.

Developed with the participation of food sector experts, ISO 22000 incorporates the principles of HACCP, and covers the requirements of key standards developed by various global food retailer syndicates, in a single document.

ISO 26000

The future ISO 26000 standard giving guidance on social responsibility has taken a significant step forward with ISO deciding on the structure and overall contents, as well as fixing a target release date of last quarter 2008.

The ISO Working Group on Social Responsibility (WG SR) laid the foundations of ISO 26000 at its second meeting, 26-30 September 2005, in Bangkok, Thailand. ISO 26000 will give organizations harmonized, internationally agreed guidance for social responsibility, drawing on best practice and consistent with relevant declarations and conventions by the United Nations and its constituents, notably the International Labour Office (ILO). The standard will not contain requirements allowing ISO 26000 to be used for certification.

ISO guidelines for improving quality management in local government

ISO has just released guidelines for improving quality management in local government worldwide through the implementation by public authorities of its ISO 9001:2000 management system standard.

IWA 4, Quality management systems – Guidelines for the application of ISO 9001:2000 in local government, is not intended for certification and does not require the public authorities that use it to seek ISO 9001:2000 certification. This is a decision for them to make based on their particular context. It gives advice on implementing ISO 9001:2000, but does not alter in any way the requirements of that standard.