Information security, and hence ISO/IEC 27002, is relevant to all types of organization including commercial enterprises of all sizes (from one-man-bands up to multinational giants), not-for-profits, charities, government departments and quasi-autonomous bodies - in fact any organization that handles and depends on information. Like governance and risk management, information security management is a broad topic with ramifications for all organizations. Its lineage stretches back more than 30 years to the precursors of BS 7799. ISO/IEC 27002 is a popular, internationally-recognized standard of good practice for information security.

Status of the standard with notes about the 3rd edition being drafted

Abstract

“This International Standard offers a collection of commonly accepted information security control objectives and controls and includes guidelines for implementing these controls.”

Introduction

ISMS implementation guidance and further resources

Introduction to ISO/IEC 27002 (scope and relationship to ISO/IEC 27001)

Contents of ISO/IEC 27002 (outline of the 19+ sections)

ISO/IEC 27002:2013 - Information technology - Security techniques - Code of practice for information security controls (second edition)