ISO IEC 27021-2017 amd1-2021.docx

INTERNATIONA1.STANDARDISO/IEC27021editionFirst2017-10AMENDMENT12021-12Informationtechno1.ogySecuritytechniquesCompetencerequirementsforinformationsecuritymanagementsystemsprofessiona1.sAMENDMENT1:AdditionofISO/IEC27001:2013c1.ausesorsubc1.ausestoCompetencereqUirementSgeWonKcuriMEXigenCeS1dMM"WKmM-70fm料dmttre冲rM"网加面由山dtdaftigftmanagementde1.asdcUr隈AMENDEMENT1:Ajoutd,artic1.esoudeparagraphesdeV1.SO/1.EC27001:2013auxexigencesenmatieredecompetenceReferencenumberISO/IEC27021:2017Amd.1.:2021(E)©ISO/IEC2021COPYRIGHTPROTECTEDDOCUMENT©ISO/1EC2021IUirhM*hedbdi1.iUedotherwiseupdhi.or啪UtPSd1.MDemk<Hron<Motmanktt10tf1.*Mqn1.C<t即8c。PF1.P(HriHMntIOnmaytheinternetoranintranet,withoutpriorwrittenpermission.PermissioncanberequestedfromeitherISOattheaddressbe1.oworISO'smemberbodyinthecountr)oftherequester.bft>>fifH8hndonnet8CH-1214VemierrGenevaPhone：M1.22749O1.11觥曲ite：图洲跳触OQrgPub1.ishedinSwitzer1.andForewordISO(theInternationa1.OrganizationforStandardization)andIEC(theInternationa1.E1.ectrotechnica1.fiomb&0ofi)SrmStonwbcdiaAion.StMndaniritknhghtechnirbcommitteesestab1.ishedbytherespectiveorganizationtodea1.withparticu1.arfie1.dsoftechnica1.activity.ISOandIECmitteesco1.1.aborateinfie1.dsofmutua1.interest.Otherinternationa1.ojnizationsrgovernmenta1.andnon-governmenta1.,in1.iaisonwithISOandIECra1.sotakepartintheTheproceduresusedtodeve1.opthisdocumentandthoseintendedforitsfurthermaintenanceare窗nf8妙CS1.g月M野用曲帆帆版IiO1.PdpMXh小*ert三ft设帆fi!i懈崛Cdedtheeditoria1.ru1.esofthe1SOIECDirectives,Part2(seewww.iso.org/direc1.ives).HR¾fi8h11g用色Wn淤.法8腐"R®Afa1?岛也昌f品M幅b1.cf即第屈%y用I1fgNubjcctrights.Detai1.sofanypatentrightsidentifiedduringthedeve1.opmentof*hd必411kntWinbeintheIntroductionand/orontheISO1.istofPjuMMdedi3MeWcd(seewww.iso.org/patents)ortheIEC1.istofpatentdec1.arationsreceived(seehttps:/patents.iec.ch).Anytradenameusedinthisdocumentisinformationgivenfortheconvenienceofusersanddoesnotconstituteanendorsementfffpmsionsextintft(bnOftotheeWwhU电”阚nt,stand朋dBtAei11K>mnonatfttspe4HQ,5tthincetoth。WoFkiTrada。伸皿"k>n(WTO)princip1.esintheTechnica1.BarrierstoTrade(TBT),seewww.iso.org/iso/foreword.hrm1.3翻碎曜Mc海砂R三枷也UW/8痛就CMWC8MMMSOIEd眄MamJ碇Hnaaontechno1.ogy.Anyfeedbackorquestionsonthisdomentshou1.dbedirectedtotheuser/snationa1.standardsbody.Acomp1.ete1.istingofthesebodiescanbefoundatwww.iso.orgnenbers.h<m1.Informationtechno1.ogySecuritytechniques一Competencerequirementsforinformationsecuritymanagementsystemsprofessiona1.sAMENDMENT1:AdditionofISO/IEC27001:2013c1.ausesorsubc1.ausestocompetencerequirements5.6Inthefirstrow,rep1.ace',Noapp1.icab1.ec1.ausesorsubc1.auses'*withthefo1.1.owing：8.1Operationa1.p1.anningandcontro1.5.8Inthefirstrow,rep1.ace',Noapp1.icab1.ec1.ausesorSubc1.ausesnwiththefo1.1.owing:6.1Actionstoaddressrisksandopportunities(6.1.1)5.10Inthefirstrow,rep1.ace"Noapp1.icab1.ec1.ausesorsubc1.auses,*withthefo1.1.owing：6.1Actionstoaddressrisksandopportunities6.2Informationsecurityobjectivesandp1.anningtoachievethem5.11Inthefirstrow,rep1.acemNoapp1.icab1.ec1.ausesorsubc1.auses,*withthefo1.1.owing：6.2Informationsecurityobjectivesandp1.anningtoachievethem5.12Inthefirstrow,rep1.ace"Noapp1.icab1.ec1.ausesorsubc1.auses,*withthefo1.1.owing：4.3Detenniningthescopeoftheinformationsecuritymanagementsystem5Operationa1.p1.anningandcontro1.Inthefirstrow,rep1.ace'Noapp1.icab1.ec1.ausesorsubc1.auses,*withthefo1.1.owing：9.3Managementreview6.1.2Inthefirstrow,rep1.ace"Noapp1.icab1.ec1.ausesorsubdauses"withthefo1.1.owing:4.2UnderstandingtheneedsandexpectationsOfintcrestedparties5.3Organizationa1.ro1.es,responsibi1.itiesandauthorities6.2.3Inthefirstrow,add"(6.1.2and6.1.3)"after"opportunities"6.6.3Inthefirstrow,rep1.ace"Noapp1.icab1.ec1.ausesorsubc1.auses"withthefo1.1.owing：6.2Informationsecurityobjectivesandp1.anningtoachievethem6.2,e)6.1.1Genera1.6.1.1,c)ICS35.030Pricebasedon2pages