UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

ISO/IEC 27002

Information security, cybersecurity and privacy protection - Information security controls

inactive
Organization: ISO
Publication Date: 1 February 2022
Status: inactive
Page Count: 164
ICS Code (IT Security): 35.030
scope:

This document provides a reference set of generic information security controls including implementation guidance. This document is designed to be used by organizations:

a) within the context of an information security management system (ISMS) based on ISO/IEC 27001;

b) for implementing information security controls based on internationally recognized best practices;

c) for developing organization-specific information security management guidelines.

Document History

ISO/IEC 27002
February 1, 2022
Information security, cybersecurity and privacy protection - Information security controls
This document provides a reference set of generic information security controls including implementation guidance. This document is designed to be used by organizations: a) within the context of an...
ISO/IEC 27002
February 1, 2022
Information security, cybersecurity and privacy protection - Information security controls
This document provides a reference set of generic information security controls including implementation guidance. This document is designed to be used by organizations: a) within the context of an...
ISO/IEC 27002
November 15, 2015
Information technology - Security techniques - Code of practice for information security controls TECHNICAL CORRIGENDUM 2
A description is not available for this item.
ISO/IEC 27002
September 15, 2014
Information technology - Security techniques - Code of practice for information security controls TECHNICAL CORRIGENDUM 1
A description is not available for this item.
ISO/IEC 27002
October 1, 2013
Information technology - Security techniques - Code of practice for information security controls
This International Standard gives guidelines for organizational information security standards and information security management practices including the selection, implementation and management of...
ISO/IEC 27002
June 15, 2005
Information technology - Security techniques - Code of practice for information security management
This International Standard establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization. The objectives...
View Less
View All

References

This document references:
ISO 15489-1 - Information and documentation - Records management - Part 1: Concepts and principles
Published by ISO on April 15, 2016
This part of ISO 15489 defines the concepts and principles from which approaches to the creation, capture and management of records are developed. This part of ISO 15489 describes concepts and...
This document references:
ISO 21500 - Project, programme and portfolio management — Context and concepts
Published by ISO on March 1, 2021
This document specifies the organizational context and underlying concepts for undertaking project, programme and portfolio management. It also provides guidance for organizations to adopt or improve...
This document references:
ISO 21502 - Project, programme and portfolio management — Guidance on project management
Published by ISO on December 1, 2020
This document gives guidelines for project management. It is applicable to any organization, including public, private and charitable, as well as to any type of project, regardless of purpose,...
This document references:
ISO 22301 - Security and resilience — Business continuity management systems — Requirements
Published by ISO on October 1, 2019
This document specifies requirements to implement, maintain and improve a management system to protect against, reduce the likelihood of the occurrence of, prepare for, respond to and recover from...
This document references:
ISO 22313 - Security and resilience — Business continuity management systems — Guidance on the use of ISO 22301
Published by ISO on February 1, 2020
This document gives guidance and recommendations for applying the requirements of the business continuity management system (BCMS) given in ISO 22301. The guidance and recommendations are based on...
This document is referenced by:
EN IEC 81001-5-1 - Health software and health IT systems safety, effectiveness and security - Part 5-1: Security - Activities in the product life cycle
Published by CENELEC on February 1, 2022
This document defines the LIFE CYCLE requirements for development and maintenance of HEALTH SOFTWARE needed to support conformance to IEC 62443-4-1[11] – taking the specific needs for HEALTH SOFTWARE...
This document is referenced by:
ISO/IEC 23751 - Information technology — Cloud computing and distributed platforms — Data sharing agreement (DSA) framework
Published by ISO on February 1, 2022
This document establishes a set of building blocks, i.e. concepts, terms, and definitions, including Data Level Objectives (DLOs) and Data Qualitative Objectives (DQOs), that can be used to create...
This document is referenced by:
SN EN ISO/IEC 27007 - Information security, cybersecurity and privacy protection - Guidelines for information security management systems auditing
Published by SNV on January 1, 2022
ISO/IEC 27007 provides guidance on managing an information security management system (ISMS) audit programme, on conducting audits, and on the competence of ISMS auditors, in addition to the guidance...
This document is referenced by:
X.1054 - Information security, cybersecurity and privacy protection – Governance of information security
Published by ITU-T on April 1, 2021
This Recommendation | International Standard provides guidance on concepts, objectives and processes for the governance of information security, by which organizations can evaluate, direct, monitor...
This document is referenced by:
BS ISO/IEC 27013 - TC - Tracked Changes (Redline) - Information security, cybersecurity and privacy protection - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1
Published by BSI on May 6, 2022
A description is not available for this item.
View Less
View All
Advertisement