CHAPTER 4: ISO 27002

ISO 27002 is an essential companion to ISO 27001. Unlike ISO 27001, it does not contain requirements for implementing an ISMS and you cannot seek certification against it. Instead, it provides detailed information and guidance on the information security controls listed in Annex A of ISO 27001, making it invaluable when implementing an ISMS for the first time. Even experienced practitioners can benefit from ISO 27002, as the guidance can be used to help evaluate the organisation’s information security controls, reducing the risk of control-related nonconformities and highlighting potential improvements.

Introduction

The nature of providing extensive guidance related to information security controls necessarily involves the ...

Source: ISO 27001/ISO 27002 - A guide to information security management systems (O’Reilly learning platform).