Please note that ISO27002:2005 has now been superseded by ISO27002:2013, which you can buy here: ISO27002:2013.
ISO27002:2013 complements ISO27001:2013. For further guidance on ISO27001 and ISO27002 and which versions you may need, please see our information pages here: ISO27001.
ISO/IEC 17799:2005 was renamed ISO/IEC 27002:2005 (Information technology - Security techniques - Code of practice for information security management). ISO/IEC 17799:2005 and ISO/IEC 27002:2005 are identical.
ISO/IEC 27002:2005 establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organisation.
ISO/IEC 27002:2005 details a comprehensive set of information security control objectives and a selection of best-practice controls.
We now also offer an ANSI INCITS adoption of this standard in a hardcopy format. This ANSI INCITS adoption contains exactly the same content as any other adoption, except it is substantially cheaper in price.
This standard should be read with ISO/IEC 27001 and ISO/IEC 27005. You can purchase all three standards together in a single kit here: ISO/IEC 27001 and ISO/IEC 27005.