5. ISO 27002 standard
This standard is not a requirement standard, and therefore does not have to be met in order to be certified. It is a guide standard. Its role is to help people understand the normative requirements and to facilitate ISMS implementation.
This standard comprises 14 sections on safety measures, with a total of 35 main safety categories and 114 measures. Each clause defining safety measures contains several safety categories. Each safety category comprises a safety objective (goal to be achieved) and one or more measures to achieve this safety objective.
The description of safety measures is divided into three parts:
measure, which specifies the appropriate measure for the safety objective ;
implementation recommendations, which provide detailed information on...
The Ultimate Scientific and Technical Reference
This article is included in
Software technologies and System architectures
This offer includes:
Knowledge Base
Updated and enriched with articles validated by our scientific committees
Services
A set of exclusive tools to complement the resources
Practical Path
Operational and didactic, to guarantee the acquisition of transversal skills
Doc & Quiz
Interactive articles with quizzes, for constructive reading
ISO 27002 standard
Identify assets
Bibliography
Works
Software tools
Audit diagnostic evaluation system (ADES). This tool manages several reference grids. It enables audit/evaluation findings to be entered into a database, and improvement actions to be recorded. It then reports on the audit/assessment findings recorded in the database. Comparisons between two audits/assessments enable improvements to be assessed. A slideshow presenting the functionalities is available for download at the...
Websites
French Standards Association (AFNOR) http://www.afnor.fr
International Organization for Standardization (ISO) http://www.iso.ch
International Electrotechnical Commission (IEC) http://www.iec.ch
...Standards and norms
International standards on quality management and quality assurance
- Quality management systems – Basic principles and vocabulary - ISO 9000 - 2005
- Quality management systems – Requirements (new version expected in 2015) - ISO 9001 - 2008
- Quality management systems – Performance improvement guidelines - ISO 9004 - 2009
- Environmental management systems – Specifications and...
The Ultimate Scientific and Technical Reference
