1、INTERNATIONA1.STANDARDISO/IEC27021editionFirst2017-10AMENDMENT12021-12Informationtechno1.ogySecuritytechniquesCompetencerequirementsforinformationsecuritymanagementsystemsprofessiona1.sAMENDMENT1:AdditionofISO/IEC27001:2013c1.ausesorsubc1.ausestoCompetencereqUirementSgeWonKcuriMEXigenCeS1dMMWKmM-70f
2、m料dmttre冲rM网加面由山dtdaftigftmanagementde1.asdcUr隈AMENDEMENT1:Ajoutd,artic1.esoudeparagraphesdeV1.SO/1.EC27001:2013auxexigencesenmatieredecompetenceReferencenumberISO/IEC27021:2017Amd.1.:2021(E)ISO/IEC2021COPYRIGHTPROTECTEDDOCUMENTISO/1EC2021IUirhM*hedbdi1.iUedotherwiseupdhi.or啪UtPSd1.MDemkHronMotmankt
3、t10tf1.*Mqn1.CfifH8hndonnet8CH-1214VemierrGenevaPhone:M1.22749O1.11觥曲ite:图洲跳触OQrgPub1.ishedinSwitzer1.andForewordISO(theInternationa1.OrganizationforStandardization)andIEC(theInternationa1.E1.ectrotechnica1.fiomb&0ofi)SrmStonwbcdiaAion.StMndaniritknhghtechnirbcommitteesestab1.ishedbytherespectiveorg
4、anizationtodea1.withparticu1.arfie1.dsoftechnica1.activity.ISOandIECmitteesco1.1.aborateinfie1.dsofmutua1.interest.Otherinternationa1.ojnizationsrgovernmenta1.andnon-governmenta1.,in1.iaisonwithISOandIECra1.sotakepartintheTheproceduresusedtodeve1.opthisdocumentandthoseintendedforitsfurthermaintenanc
5、eare窗nf8妙CS1.g月M野用曲帆帆版IiO1.PdpMXh小*ert三ft设帆fi!i懈崛Cdedtheeditoria1.ru1.esofthe1SOIECDirectives,Part2(seewww.iso.org/direc1.ives).HRfi8h11g用色Wn淤.法8腐RAfa1?岛也昌f品M幅b1.cf即第屈%y用I1fgNubjcctrights.Detai1.sofanypatentrightsidentifiedduringthedeve1.opmentof*hd必411kntWinbeintheIntroductionand/orontheISO1.istofP
6、juMMdedi3MeWcd(seewww.iso.org/patents)ortheIEC1.istofpatentdec1.arationsreceived(seehttps:/patents.iec.ch).Anytradenameusedinthisdocumentisinformationgivenfortheconvenienceofusersanddoesnotconstituteanendorsementfffpmsionsextintft(bnOftotheeWwhU电”阚nt,stand朋dBtAei11Kmnonatfttspe4HQ,5tthincetoth。WoFki
7、Trada。伸皿kn(WTO)princip1.esintheTechnica1.BarrierstoTrade(TBT),seewww.iso.org/iso/foreword.hrm1.3翻碎曜Mc海砂R三枷也UW/8痛就CMWC8MMMSOIEd眄MamJ碇Hnaaontechno1.ogy.Anyfeedbackorquestionsonthisdomentshou1.dbedirectedtotheuser/snationa1.standardsbody.Acomp1.ete1.istingofthesebodiescanbefoundatwww.iso.orgnenbers.hm1
8、Informationtechno1.ogySecuritytechniques一Competencerequirementsforinformationsecuritymanagementsystemsprofessiona1.sAMENDMENT1:AdditionofISO/IEC27001:2013c1.ausesorsubc1.ausestocompetencerequirements5.6Inthefirstrow,rep1.ace,Noapp1.icab1.ec1.ausesorsubc1.auses*withthefo1.1.owing:8.1Operationa1.p1.a
9、nningandcontro1.5.8Inthefirstrow,rep1.ace,Noapp1.icab1.ec1.ausesorSubc1.ausesnwiththefo1.1.owing:6.1Actionstoaddressrisksandopportunities(6.1.1)5.10Inthefirstrow,rep1.aceNoapp1.icab1.ec1.ausesorsubc1.auses,*withthefo1.1.owing:6.1Actionstoaddressrisksandopportunities6.2Informationsecurityobjectivesan
10、dp1.anningtoachievethem5.11Inthefirstrow,rep1.acemNoapp1.icab1.ec1.ausesorsubc1.auses,*withthefo1.1.owing:6.2Informationsecurityobjectivesandp1.anningtoachievethem5.12Inthefirstrow,rep1.aceNoapp1.icab1.ec1.ausesorsubc1.auses,*withthefo1.1.owing:4.3Detenniningthescopeoftheinformationsecuritymanagemen
11、tsystem5Operationa1.p1.anningandcontro1.Inthefirstrow,rep1.aceNoapp1.icab1.ec1.ausesorsubc1.auses,*withthefo1.1.owing:9.3Managementreview6.1.2Inthefirstrow,rep1.aceNoapp1.icab1.ec1.ausesorsubdauseswiththefo1.1.owing:4.2UnderstandingtheneedsandexpectationsOfintcrestedparties5.3Organizationa1.ro1.es,responsibi1.itiesandauthorities6.2.3Inthefirstrow,add(6.1.2and6.1.3)afteropportunities6.6.3Inthefirstrow,rep1.aceNoapp1.icab1.ec1.ausesorsubc1.auseswiththefo1.1.owing:6.2Informationsecurityobjectivesandp1.anningtoachievethem6.2,e)6.1.1Genera1.6.1.1,c)ICS35.030Pricebasedon2pages
