Within the ISO 27001 family, there are many other vital documents. The same controls also appear in ISO 27001, Annex A, which can lead to confusion, but don’t worry, a good GRC tool will provide you with the appropriate objectives from both 2702! What are the Different ISO Certifications? ISO 27002 provides a library of control objectives for InfoSec, which can be used within the framework of your ISMS (e.g., conducting an inventory of assets, securing networks, etc.). The ISMS provides tools for management to make decisions, exercise control, and audit the effectiveness of InfoSec efforts within the company. The 27001 standard provides requirements for businesses to implement and operate an Information Security Management System, or ISMS. Deciphering the various numbers can be confusing at first, but each standard is numbered and deals with a specific facet of managing your company’s information security risk management efforts. At a minimum, you need to know ISO/IEC 2702. The ISO 27001 family, published by the International Organization for Standardization, includes a set of standards for information security. If using an ISO audit software tool to achieve ISO certification is on your compliance roadmap, here’s a quick primer to get you up to speed and jumpstart your ISO compliance efforts. ISO 27001 compliance can be confusing because the sheer volume of standards is overwhelming, but the right program can ensure business continuity.