Search results
ISO/IEC 27002 is an information security standard published by the International Organization for Standardization (ISO) and by the International Electrotechnical Commission (IEC), titled Information security, cybersecurity and privacy protection — Information security controls.
- 27000 Series
ISO/IEC 27002 — Information security, cybersecurity and...
- ISO/IEC 27001
ISO/IEC 27001 is an international standard to manage...
- ISO/IEC 27000
ISO/IEC 27000. This article is about the individual 27000...
- 27000 Series
What is ISO/IEC 27002? ISO/IEC 27002 is an international standard that provides guidance for organizations looking to establish, implement, and improve an Information Security Management System (ISMS) focused on cybersecurity. While ISO/IEC 27001 outlines the requirements for an ISMS, ISO/IEC 27002 offers best practices and control objectives ...
- 0.1 Background and context. This document is designed for organizations of all types and sizes. It is to be used as a reference for determining and implementing controls for information security risk treatment in an information security management system (ISMS) based on ISO/IEC 27001.
- 0.2 Information security requirements. It is essential that an organization determines its information security requirements. There are three main sources of information security requirements
- 0.3 Controls. A control is defined as a measure that modifies or maintains risk. Some of the controls in this document are controls that modify risk, while others maintain risk.
- 0.4 Determining controls. Determining controls is dependent on the organization's decisions following a risk assessment, with a clearly defined scope. Decisions related to identified risks should be based on the criteria for risk acceptance, risk treatment options and the risk management approach applied by the organization.
Mar 12, 2024 · ISO/IEC 27002:2022 is an information security standard published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). ISO 27002 has a close association with ISO 27001. Broadly speaking, it gives guidance on implementing an ISO 27001 ISMS.