Skip to Main Content
This website uses cookies. View our cookie policy
Close
United Kingdom
Select regional store:
Will you survive a cyber attack? Conquer cyber risks by mapping your path to cyber resilience. Take the self-assessment >>
ISO/IEC 27002:2013 (ISO27002 ISO 27002) Code of Practice for InfoSec Controls

ISO/IEC 27002 2013 (ISO27002 ISO 27002) Code of Practice for InfoSec Controls

SKU: 4331
Publishers: ISO/IEC
Format: Hardcopy
Pages: 80
Published: 25 Sep 2013
Availability: In Stock
Format: PDF
Pages: 80
Published: 25 Sep 2013
Availability: Available to Order
The international Standard which supports the implementation of an Information Security Management System (ISMS) based on the requirements of ISO27001.
Options:
Price: £122.00

Description

ISO/IEC 27002:2013 Information Technology – Security Techniques - Code of Practice for Information Security Controls

ISO27002:2013 is the international Standard which supports the implementation of an Information Security Management System (ISMS) based on the requirements of ISO/IEC 27001:2013. It establishes the guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organisation.

Buy this Standard with its accompanying Standard, ISO/IEC 27001:2013, together in one package here.


What are the differences between 2005 and 2013 editions of ISO/IEC 27002?

ISO/IEC 27002:2013 has been updated to reflect the many changes which have taken effect in ISO/IEC27001, and is fully aligned to the new 2013 version of ISO27001.

For example:

  • The number of controls in ISO/IEC 27002 has been changed to match the number in ISO/IEC 27001, and ISO27002 now specifies 35 control objectives, each of which is supported by at least one control, giving a total number of 114.
  • As the structure of Annex A in ISO27001 has been updated, so ISO27002 has been updated to reflect the new structure.
  • The terminology used in the standard has been revised to be aligned with that in ISO27001.

Standard outline

  • Introduction
  • 1. Scope
  • 2. Normative references
  • 3. Terms and definitions
  • 4. Structure of this standard - Clauses and Control categories
  • 5. Information security policies - Management direction for information security
  • 6. Organization of information security - Internal organization and Mobile devices and teleworking
  • 7. Human resource security - Prior to employment, During employment, Termination and change of employment
  • 8. Asset management - Responsibility for assets, Information classification and Media handling
  • 9. Access control - Business requirements of access control, User access management, User responsibilities and System and application access control
  • 10. Cryptography - Cryptographic controls
  • 11. Physical and environmental security - Secure areas and Equipment
  • 12. Operations security - Operational procedures and responsibilities, Production from malware, Backup, Logging and monitoring, Control of operational software, Technical vulnerability management and Information systems audit coordination
  • 13. Communication security - Network security management and Information transfer
  • 14. System acquisition, development and maintenance - Security requirements of information systems, Security in development and support processes and Test data
  • 15. Supplier relationships - Information security in supplier relationships and Supplier service delivery management
  • 16. Information security incident management - Management of information security incidents and improvements
  • 17. Information security aspects of business continuity management - Information security continuity and Redundancies
  • 18. Compliance – compliance with legal and contractual requirements and iInformation security reviews

Please note: We supply the interchangeable British and international adoptions of ISO27002, which all contain exactly the same content.


Corrigenda

Please note that two Technical Corrigenda have been issued since ISO/IEC 27002:2013 was published. These can be downloaded free of charge direct from ISO via the following links:


Customer Reviews

(0.00)stars out of 5
# of Ratings: 0
Loading...