New Information Security Standard ISO27008: Guidelines For Auditors on Information Security Controls

Information security control reviews and technical compliance testing should be integral parts of any enterprise-wide information security programme. If you are involved in auditing information security controls, then the new ISO27008:2011 is essential.

The new ISO/IEC TR 27008:2011 Standard provides guidance on reviewing the implementation and operation of information security controls within an organisation. It supports the risk management process in ISO/IEC 27001 and the information security controls in ISO/IEC 27002.

This new standard is applicable to any type of organisation and is of particular benefit to those undertaking security reviews and technical compliance checks.

ISO27008 (ISO/IEC 27008) Guidelines for Auditors on Information Security Controls

Price: £170.00



This new Standard will help your organisation to:

  • Identify potential problems in your organisation’s implementation and operation of information security controls
  • Identify and understand the potential organisational impacts of inadequately mitigated information security threats and vulnerabilities
  • Prioritise information security risk mitigation activities
  • Confirm that previously identified or emergent information security weaknesses or deficiencies have been adequately addressed, and/or
  • Support budgetary decisions within the investment process and other management decisions relating to improvement of the organisation’s information security management
