ISO standards
ISO 9000 is a family of standards for quality management systems.
ISO 9001:2008 is a set of procedures that cover all key processes in the business: monitoring processes to ensure they are effective; keeping adequate records; checking output for defects, with appropriate and corrective action where necessary; regularly reviewing individual processes and the quality system itself for effectiveness; and facilitating continual improvement.
http://en.wikipedia.org/wiki/ISO_9000
ISO 14000 is a family of internationally recognized standards for environmental management systems that is applicable to any business or organization, regardless of size, location or income.
The ISO 14001 standard represents the core set of standards used by organizations for designing and implementing an effective environmental management system. The ISO 14000 environmental management standards exist to help organizations minimize how their operations negatively affect the environment.
http://en.wikipedia.org/wiki/ISO_14001
ISO/IEC 27001 formally specifies a management system that is intended to bring information security under explicit management control. Being a formal specification means that it mandates specific requirements. Organizations that claim to have adopted ISO/IEC 27001 can therefore be formally audited and certified compliant with the standard.
ISO/IEC 27001 requires that management:
* Systematically examine the organization’s information security risks, taking account of the threats, vulnerabilities and impacts;
* Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; and
* Adopt an overarching management process to ensure that the information security controls continue to meet the organization’s information security needs on an ongoing basis.
http://en.wikipedia.org/wiki/ISO/IEC_27001
ISO/IEC 20000 is the first international standard for IT Service Management. It was developed in 2005 by the BSI Group. It is based on, and intended to supersede, the earlier BS 15000.
ISO 20000, like its BS 15000 predecessor, was originally developed to reflect best practice guidance contained within the ITIL (Information Technology Infrastructure Library) framework, although it equally supports other IT Service Management frameworks and approaches including Microsoft Operations Framework and components of ISACA’s COBIT framework. It comprises two parts: a specification for IT Service Management and a code of practice for service management.





