ISO/IEC 27000 Series: Definition & Purpose

Instructor: Beth Hendricks

Beth holds a master's degree in integrated marketing communications, and has worked in journalism and marketing throughout her career.

Have you met the ISO/IEC 27000 series family? In this lesson, you'll discover what this series of standards is, its background, and its framework for information security that can be tied to any organization.

Family Support

Families are great, aren't they? They're around to help you achieve your goals, back you up when you need support, and celebrate with you when you reach certain milestones.

Families come in all shapes and forms, and the support you receive from each person may be different. A parent may support you financially to help you get through school. A spouse may listen to you complain when things go wrong - or cheer when they go right. Even a child can lend his or her support just by being there with a hug.

Believe it or not, the term ''family'' can be used to describe the subject of this lesson. The family of standards that comprise the ISO/IEC 27000 series work together to provide best practices for information security management. Now, let me give you an introduction to the family.

Let's Talk ISO/IEC 27000

Whether you're just starting out in information security or have been at it for a while, the robust framework that the standards in the ISO/IEC 2700 series provide can help any organization - in any industry - keep its data and assets secure.

Also known as simply the ISO 27000 series, this family of world-renowned security guidelines comes from the International Organization for Standardization (or the ISO) and the International Electrotechnical Commission (or IEC). These bodies exist solely to prepare guidelines that can be followed to standardize security practices across the globe.

Following ISO/IEC 27000 series standards can aid a business in protecting its assets, identifying and managing risks, and having a system in place to ensure that - as new security issues are presented - the company has a system identified for handling those and making security improvements.

Organizations can work toward a voluntary accreditation under ISO 27000, which simply illustrates they are utilizing the most popular of frameworks for their information security program.


The history of the ISO 27000 series can be traced to something known as the British Standards Institution Standard 7799 created in 1995. The series, originally produced in three parts, came together to provide the foundation for the 27000 grouping today:

  • The first part about information security best practices later became a piece of ISO 17799 and was added to the 27000 series in 2000.
  • The second part, which dealt with developing information security management systems, was turned into ISO 27001.
  • The third part was apparently not important enough to include because it never became a part of the ISO 27000 series.

What's Included

Now, let's take a look at the members of this ISO 27000 series family:

Standard What It Addresses
27001 The requirements for complying with the 27000 series.
27002 The recommended controls that can be used.
27003 How to implement the standards.
27004 Using metrics to monitor security initiatives.
27005 How to deal with risk management.
27006 The requirements for accrediting bodies.

Together, this family of standards can be used to develop and manage the various parts of a security program. Individually, they cover important topics such as:

To unlock this lesson you must be a Member.
Create your account

Register to view this lesson

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use

Become a member and start learning now.
Become a Member  Back
What teachers are saying about
Try it risk-free for 30 days

Earning College Credit

Did you know… We have over 200 college courses that prepare you to earn credit by exam that is accepted by over 1,500 colleges and universities. You can test out of the first two years of college and save thousands off your degree. Anyone can earn credit-by-exam regardless of age or education level.

To learn more, visit our Earning Credit Page

Transferring credit to the school of your choice

Not sure what college you want to attend yet? has thousands of articles about every imaginable degree, area of study and career path that can help you find the school that's right for you.

Create an account to start this course today
Try it risk-free for 30 days!
Create an account