ISO/IEC 27006 [documento eletrónico] : information technology: security techniques: requirements for bodies providing audit and certification of information security management systems
ISO/IEC 27007 [documento eletrónico] : information security, cybersecurity and privacy protection: guidelines for information security management systems auditing
ISO / IEC TS 27008 [documento eletrónico] : information technology — security techniques — guidelines for the assessment of information security controls