1. Home
  2. Moldova standards
  3. STM
  4. St ISO IEC 27013-2021 amd1-2024

ISO IEC 27013-2021 amd1-2024 PDF

St ISO IEC 27013-2021 amd1-2024

Name in English:
St ISO IEC 27013-2021 amd1-2024

Name in Russian:
Ст ISO IEC 27013-2021 amd1-2024

Description in English:

Original standard ISO IEC 27013-2021 amd1-2024 in PDF full version. Additional info + preview on request

Description in Russian:
Оригинальный стандарт ISO IEC 27013-2021 amd1-2024 в PDF полная версия. Дополнительная инфо + превью по запросу
Document status:
Active
Format:
Electronic (PDF)
Delivery time (for English version):
1 business day
Delivery time (for Russian version):
365 business days
SKU:
stiso25972
Choose Document Language:
€25

Full title and description

ISO/IEC 27013:2021/Amd 1:2024 — Information security, cybersecurity and privacy protection — Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 — Amendment 1. This document is an amendment to ISO/IEC 27013:2021 providing clarifications, updated references and guidance to support integrated implementation of an information security management system (ISMS) and an IT service management system (SMS).

Abstract

This amendment updates ISO/IEC 27013:2021 to align terminology and references with later revisions of related management-system standards and to improve practical guidance for combining ISO/IEC 27001 and ISO/IEC 20000-1. It clarifies relationships between requirements and guidance for organizations that implement both ISMS and SMS, helping reduce duplication and support coordinated governance of security, privacy and service management.

General information

  • Status: Published
  • Publication date: December 10, 2024 (Amendment 1 to ISO/IEC 27013:2021).
  • Publisher: International Organization for Standardization (ISO) / International Electrotechnical Commission (IEC), developed under ISO/IEC JTC 1/SC 27.
  • ICS / categories: 35.020; 35.030; 03.080.99; 03.100.70
  • Edition / version: Amendment 1 to ISO/IEC 27013:2021 (designation ISO/IEC 27013:2021/Amd 1:2024; edition listed as Ed. 3.0 for the amended publication).
  • Number of pages: 4

Scope

This amendment applies to ISO/IEC 27013:2021 and provides targeted changes to improve guidance on the integrated implementation of ISO/IEC 27001 (information security management) and ISO/IEC 20000-1 (IT service management). The changes focus on aligning terminology and references (including updates driven by the 2022 revision of ISO/IEC 27001), clarifying where requirements and guidance overlap, and offering practical suggestions to reduce duplication when both management systems are implemented together.

Key topics and requirements

  • Updated references and terminology alignment with related management-system standards (notably ISO/IEC 27001 updates).
  • Clarification of the relationship between ISMS and ITSMS processes and roles to enable integrated governance.
  • Guidance to reduce duplication of controls, documentation and audit activities across ISMS and SMS.
  • Practical mapping and examples showing how service-management and information-security activities can be coordinated.
  • Amendments limited in scope (concise change set delivered as a short amendment document).

Typical use and users

Organizations implementing either or both ISO/IEC 27001 and ISO/IEC 20000-1 that seek to integrate their information security and IT service management approaches. Typical users include ISMS and ITSM managers, information security officers, service managers, internal and external auditors, consultants, and certification bodies assessing integrated management systems.

Related standards

ISO/IEC 27013:2021 (base standard amended); ISO/IEC 27001:2022 (Information security management systems — requirements); ISO/IEC 20000-1:2018 (Service management system — requirements); ISO/IEC 27002:2022 (security controls guidance); documents and guidance produced by ISO/IEC JTC 1/SC 27.

Keywords

ISO/IEC 27013; amendment 2024; integrated implementation; ISMS; ITSM; ISO/IEC 27001; ISO/IEC 20000-1; information security; cybersecurity; privacy; governance; controls mapping.

FAQ

Q: What is this standard?

A: It is Amendment 1 (2024) to ISO/IEC 27013:2021 — a short published amendment providing updates and clarifications for guidance on integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1.

Q: What does it cover?

A: The amendment covers updates to terminology and references, clarifications on how ISMS and ITSMS interact, and practical guidance to help organizations integrate information security and service management activities with less duplication.

Q: Who typically uses it?

A: ISMS and ITSM managers, security and service-management professionals, auditors, consultants, and organizations that operate both information-security and IT service-management systems.

Q: Is it current or superseded?

A: This is a current, published amendment to ISO/IEC 27013:2021 (published December 2024). It updates the 2021 edition of ISO/IEC 27013 rather than superseding it; users should apply the base 27013:2021 text together with this Amendment 1.

Q: Is it part of a series?

A: Yes — it belongs to the ISO/IEC 27000-series (information security) and is specifically focused on integration with the ISO/IEC 20000 family (service management); it was prepared by ISO/IEC JTC 1/SC 27.

Q: What are the key keywords?

A: Integrated implementation, ISMS, ITSMS, ISO/IEC 27001, ISO/IEC 20000-1, amendment 2024, information security, cybersecurity, privacy, controls mapping.