ISO/IEC TR 27008:2011 provides guidance on reviewing the implementation and operation of controls, including technical compliance checking of information system controls, in compliance with an organization's established information security standards.
ISO/IEC TR 27008:2011 is applicable to all types and sizes of organizations, including public and private companies, government entities, and not-for-profit organizations conducting information security reviews and technical compliance checks. It is not intended for management systems audits.
Status: WithdrawnPublication date: 2011-10
Edition: 1Number of pages: 36
Technical Committee: ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection
- ICS :
- 35.030 IT Security
ISO/IEC TR 27008:2011Stage: 95.99
ISO/IEC TS 27008:2019
Got a question?
Check out our FAQs
+41 22 749 08 88
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)
Keep up to date with ISO
Sign up to our newsletter for the latest news, views and product information.