Specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS), in addition to the requirements contained in within ISO/IEC 17021(published in South Africa as an identical ado