Free PDF download: Penetration Testing and ISO 27001 – Securing your ISMS

  • Clause 6.1.2.c of ISO 27001 states that you must identify information security risks within the scope of your ISMS (information security management system).
  • Penetration testing establishes whether the security in place to protect a network or application against external threats is adequate and functioning correctly.
  • The threats and vulnerabilities identified by penetration testing form a key input to your risk assessment, while the identified remedial action informs your selection of controls.
  • This free green paper describes how penetration testing fits into an ISO 27001 ISMS project.


  • The three specific points at which penetration testing should be undertaken;
  • The importance of penetration testing to ISO 27001 risk assessments;
  • How penetration testing can demonstrate compliance with Annex A controls; and
  • Penetration testing’s use in the continual improvement of your ISMS.

Download your free green paper today!
