CHAPTER 2: TERMS AND DEFINITIONS
ISO 27000:2018 defines key terms and definitions that are used across the ISO 27000 series of standards. You should read and understand these definitions before working your way through ISO 27001 and ISO 27002. Some of the most important ones are below:
• Attack – attempt to destroy, expose, alter, disable, steal or gain unauthorized access to or make unauthorized use of an asset.
• Audit – systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled.
• Availability – property of being accessible and usable on demand by an authorized entity.
• Confidentiality – property that information is not made available ...