ISO/IEC 27002

What is ISO 27002

ISO/IEC 27002, the most recent of which is ISO 27002:2013, has a close association with ISO 27001. Broadly speaking, it gives guidance on the implementation of ISO 27001.

ISO 27002:2013 is a Code of practice for the information security management system (ISMS) controls and goes into a much higher level of detail than the Annex A controls of ISO 27001.

You cannot certify against ISO 27002 because it is not a management standard.

ISMS Online Rating: 5 out of 5
Share This