SlideShare a Scribd company logo

ISO.IEC 27001 27002-2013

Jason Rusch - CISSP CGEIT CISM CISA GNSA
Jason Rusch - CISSP CGEIT CISM CISA GNSA

This document outlines an information security management standard with 18 sections and 114 controls organized under 14 groups. The standard provides guidance on security policies, asset management, access control, cryptography, physical security, operations, systems development, supplier relationships, communications, incident management, business continuity, and compliance. It was authored by Jason P. Rusch and references ISO/IEC 27001 and 27002 for information security standards.

Business
1 of 1
Download to read offline
ISO:IEC 27001:27002 Information Security Management Standard 0 Introduction 01 - Scope 02 - Normative references 03 - Terms and definitions Authored by; Jason P. Rusch 04 - Context of organization 05 - Leadership 06 - Planning 07 - Support 08 - Operation 10 – Improvement 09 – Performance evaluation SECURITY POLICIES ORGANIZATION OF INFORMATION SECURITY HUMAN RESOURCES SECURITY ASSET MANAGEMENT ACCESS CONTROL CRYPTOGRAPHY PHYSICAL AND ENVIRONMENTAL SECURITY OPERATIONS SECURITY INFORMATION SYSTEMS ACQUISITION, DEVELOPMENT/MAINTENANCE SUPPLIER RELATIONSHIPS COMMUNICATIONS SECURITY (11) (10) (12) (13) (14) (15) (09) (08) (07) (06) (05) INFORMATION SECURITY INCIDENT MANAGEMENT (16) INFORMATION SECURITY ASPECTS OF BUSINESS CONTINUITY (17) COMPLIANCE (18) (2) (7) (6) (10) (14) (2) (15) (14) (7) (13) (5) (7) (4) (8) 114 controls in 14 groups 27002:201327001:2013

Recommended

Developing a Security Policy That Will Survive
Developing a Security Policy That Will SurviveDeveloping a Security Policy That Will Survive
Developing a Security Policy That Will Survive
digitallibrary
 
Jesper Frederikson - Key learnings from scaling saas successes and failures
Jesper Frederikson - Key learnings from scaling saas successes and failures Jesper Frederikson - Key learnings from scaling saas successes and failures
Jesper Frederikson - Key learnings from scaling saas successes and failures
SaaStock
 
RESILIA positioning map
RESILIA positioning mapRESILIA positioning map
RESILIA positioning map
SERVIEW GmbH
 
Accel Ops Csobc Sans Webcast 090210.Ppt
Accel Ops Csobc Sans Webcast 090210.PptAccel Ops Csobc Sans Webcast 090210.Ppt
Accel Ops Csobc Sans Webcast 090210.Ppt
Stephen Tsuchiyama
 
Inspec, or how to translate compliance spreadsheets into code
Inspec, or how to translate compliance spreadsheets into codeInspec, or how to translate compliance spreadsheets into code
Inspec, or how to translate compliance spreadsheets into code
Michael Goetz
 
Certificate_Specialist_cherrasm
Certificate_Specialist_cherrasmCertificate_Specialist_cherrasm
Certificate_Specialist_cherrasmCheryl Rasmussen
 
What "good at software" looks like
What "good at software" looks likeWhat "good at software" looks like
What "good at software" looks like
Richard Seroter
 
pegasus-brochure_26-7-16
pegasus-brochure_26-7-16pegasus-brochure_26-7-16
pegasus-brochure_26-7-16Siobhan O'Sullivan
 

Recommended

Developing a Security Policy That Will Survive
Developing a Security Policy That Will SurviveDeveloping a Security Policy That Will Survive
Developing a Security Policy That Will Survive
digitallibrary
 
Jesper Frederikson - Key learnings from scaling saas successes and failures
Jesper Frederikson - Key learnings from scaling saas successes and failures Jesper Frederikson - Key learnings from scaling saas successes and failures
Jesper Frederikson - Key learnings from scaling saas successes and failures
SaaStock
 
RESILIA positioning map
RESILIA positioning mapRESILIA positioning map
RESILIA positioning map
SERVIEW GmbH
 
Accel Ops Csobc Sans Webcast 090210.Ppt
Accel Ops Csobc Sans Webcast 090210.PptAccel Ops Csobc Sans Webcast 090210.Ppt
Accel Ops Csobc Sans Webcast 090210.Ppt
Stephen Tsuchiyama
 
Inspec, or how to translate compliance spreadsheets into code
Inspec, or how to translate compliance spreadsheets into codeInspec, or how to translate compliance spreadsheets into code
Inspec, or how to translate compliance spreadsheets into code
Michael Goetz
 
Certificate_Specialist_cherrasm
Certificate_Specialist_cherrasmCertificate_Specialist_cherrasm
Certificate_Specialist_cherrasmCheryl Rasmussen
 
What "good at software" looks like
What "good at software" looks likeWhat "good at software" looks like
What "good at software" looks like
Richard Seroter
 
pegasus-brochure_26-7-16
pegasus-brochure_26-7-16pegasus-brochure_26-7-16
pegasus-brochure_26-7-16Siobhan O'Sullivan
 
Certificate_Strategist_cherrasm
Certificate_Strategist_cherrasmCertificate_Strategist_cherrasm
Certificate_Strategist_cherrasmCheryl Rasmussen
 
Integrating Multiple IT Security Standards
Integrating Multiple IT Security StandardsIntegrating Multiple IT Security Standards
Integrating Multiple IT Security Standards
Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
Innovations dbsec-12c-pub
Innovations dbsec-12c-pubInnovations dbsec-12c-pub
Innovations dbsec-12c-pubOracleIDM
 
ISO 27002 2013 Atualizações / mudanças
ISO 27002 2013 Atualizações / mudanças ISO 27002 2013 Atualizações / mudanças
ISO 27002 2013 Atualizações / mudanças
Fernando Palma
 
How does ISO 27001 Certification secure My organization?
How does ISO 27001 Certification secure My organization?How does ISO 27001 Certification secure My organization?
How does ISO 27001 Certification secure My organization?
isocert2
 
Protected Workloads Security Shakedown
Protected Workloads Security ShakedownProtected Workloads Security Shakedown
Protected Workloads Security Shakedown
Amazon Web Services
 
Iso 27001 certification
Iso 27001 certificationIso 27001 certification
Iso 27001 certification
ramya119
 
What is ISO 27001 ISMS
What is ISO 27001 ISMSWhat is ISO 27001 ISMS
What is ISO 27001 ISMS
Business Beam
 
ISO 27001:2022 Introduction
ISO 27001:2022 IntroductionISO 27001:2022 Introduction
ISO 27001:2022 Introduction
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005
ControlCase
 
Iso27001- Nashwan Mustafa
Iso27001- Nashwan MustafaIso27001- Nashwan Mustafa
Iso27001- Nashwan Mustafa
Fahmi Albaheth
 
Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1
Sylvain Martinez
 
S nandakumar
S nandakumarS nandakumar
S nandakumarIPPAI
 
S nandakumar_banglore
S nandakumar_bangloreS nandakumar_banglore
S nandakumar_bangloreIPPAI
 
UNINFO - BIG DATA & Information Security Standards - Guasconi
UNINFO - BIG DATA & Information Security Standards - GuasconiUNINFO - BIG DATA & Information Security Standards - Guasconi
UNINFO - BIG DATA & Information Security Standards - Guasconi
BL4CKSWAN Srl
 
Standards & Framework.pdf
Standards & Framework.pdfStandards & Framework.pdf
Standards & Framework.pdf
karthikvcyber
 
Standards & Framework.ppt
Standards & Framework.pptStandards & Framework.ppt
Standards & Framework.ppt
karthikvcyber
 
ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?
ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?
ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?
PECB
 
2008: Web Application Security Tutorial
2008: Web Application Security Tutorial2008: Web Application Security Tutorial
2008: Web Application Security Tutorial
Neil Matatall
 
Integrated Management Systems
Integrated Management SystemsIntegrated Management Systems
Integrated Management Systems
Dennis Arter
 
Cybersecurity Frameworks for DMZCON23 230905.pdf
Cybersecurity Frameworks for DMZCON23 230905.pdfCybersecurity Frameworks for DMZCON23 230905.pdf
Cybersecurity Frameworks for DMZCON23 230905.pdf
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
Understanding the NIST Risk Management Framework: 800-37 Rev. 2
Understanding the NIST Risk Management Framework: 800-37 Rev. 2Understanding the NIST Risk Management Framework: 800-37 Rev. 2
Understanding the NIST Risk Management Framework: 800-37 Rev. 2
Denise Tawwab
 

More Related Content

What's hot

Certificate_Strategist_cherrasm
Certificate_Strategist_cherrasmCertificate_Strategist_cherrasm
Certificate_Strategist_cherrasmCheryl Rasmussen
 
Integrating Multiple IT Security Standards
Integrating Multiple IT Security StandardsIntegrating Multiple IT Security Standards
Integrating Multiple IT Security Standards
Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
Innovations dbsec-12c-pub
Innovations dbsec-12c-pubInnovations dbsec-12c-pub
Innovations dbsec-12c-pubOracleIDM
 
ISO 27002 2013 Atualizações / mudanças
ISO 27002 2013 Atualizações / mudanças ISO 27002 2013 Atualizações / mudanças
ISO 27002 2013 Atualizações / mudanças
Fernando Palma
 
How does ISO 27001 Certification secure My organization?
How does ISO 27001 Certification secure My organization?How does ISO 27001 Certification secure My organization?
How does ISO 27001 Certification secure My organization?
isocert2
 
Protected Workloads Security Shakedown
Protected Workloads Security ShakedownProtected Workloads Security Shakedown
Protected Workloads Security Shakedown
Amazon Web Services
 

What's hot (6)

Certificate_Strategist_cherrasm
Certificate_Strategist_cherrasmCertificate_Strategist_cherrasm
Certificate_Strategist_cherrasm
 
Integrating Multiple IT Security Standards
Integrating Multiple IT Security StandardsIntegrating Multiple IT Security Standards
Integrating Multiple IT Security Standards
 
Innovations dbsec-12c-pub
Innovations dbsec-12c-pubInnovations dbsec-12c-pub
Innovations dbsec-12c-pub
 
ISO 27002 2013 Atualizações / mudanças
ISO 27002 2013 Atualizações / mudanças ISO 27002 2013 Atualizações / mudanças
ISO 27002 2013 Atualizações / mudanças
 
How does ISO 27001 Certification secure My organization?
How does ISO 27001 Certification secure My organization?How does ISO 27001 Certification secure My organization?
How does ISO 27001 Certification secure My organization?
 
Protected Workloads Security Shakedown
Protected Workloads Security ShakedownProtected Workloads Security Shakedown
Protected Workloads Security Shakedown
 

Similar to ISO.IEC 27001 27002-2013

Iso 27001 certification
Iso 27001 certificationIso 27001 certification
Iso 27001 certification
ramya119
 
What is ISO 27001 ISMS
What is ISO 27001 ISMSWhat is ISO 27001 ISMS
What is ISO 27001 ISMS
Business Beam
 
ISO 27001:2022 Introduction
ISO 27001:2022 IntroductionISO 27001:2022 Introduction
ISO 27001:2022 Introduction
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005
ControlCase
 
Iso27001- Nashwan Mustafa
Iso27001- Nashwan MustafaIso27001- Nashwan Mustafa
Iso27001- Nashwan Mustafa
Fahmi Albaheth
 
Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1
Sylvain Martinez
 
S nandakumar
S nandakumarS nandakumar
S nandakumarIPPAI
 
S nandakumar_banglore
S nandakumar_bangloreS nandakumar_banglore
S nandakumar_bangloreIPPAI
 
UNINFO - BIG DATA & Information Security Standards - Guasconi
UNINFO - BIG DATA & Information Security Standards - GuasconiUNINFO - BIG DATA & Information Security Standards - Guasconi
UNINFO - BIG DATA & Information Security Standards - Guasconi
BL4CKSWAN Srl
 
Standards & Framework.pdf
Standards & Framework.pdfStandards & Framework.pdf
Standards & Framework.pdf
karthikvcyber
 
Standards & Framework.ppt
Standards & Framework.pptStandards & Framework.ppt
Standards & Framework.ppt
karthikvcyber
 
ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?
ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?
ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?
PECB
 
2008: Web Application Security Tutorial
2008: Web Application Security Tutorial2008: Web Application Security Tutorial
2008: Web Application Security Tutorial
Neil Matatall
 
Integrated Management Systems
Integrated Management SystemsIntegrated Management Systems
Integrated Management Systems
Dennis Arter
 
Cybersecurity Frameworks for DMZCON23 230905.pdf
Cybersecurity Frameworks for DMZCON23 230905.pdfCybersecurity Frameworks for DMZCON23 230905.pdf
Cybersecurity Frameworks for DMZCON23 230905.pdf
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
Understanding the NIST Risk Management Framework: 800-37 Rev. 2
Understanding the NIST Risk Management Framework: 800-37 Rev. 2Understanding the NIST Risk Management Framework: 800-37 Rev. 2
Understanding the NIST Risk Management Framework: 800-37 Rev. 2
Denise Tawwab
 
Information security management system
Information security management systemInformation security management system
Information security management systemArani Srinivasan
 
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
ISO 27001 INFORMATION TECHNOLOGY MANAGEMENT SYSTEM
ISO 27001 INFORMATION TECHNOLOGY MANAGEMENT SYSTEMISO 27001 INFORMATION TECHNOLOGY MANAGEMENT SYSTEM
ISO 27001 INFORMATION TECHNOLOGY MANAGEMENT SYSTEM
Rozil Anwar
 
RSA: CSA GRC Stack Update for the CSA Atlanta Chapter
RSA: CSA GRC Stack Update for the CSA Atlanta ChapterRSA: CSA GRC Stack Update for the CSA Atlanta Chapter
RSA: CSA GRC Stack Update for the CSA Atlanta Chapter
Phil Agcaoili
 

Similar to ISO.IEC 27001 27002-2013 (20)

Iso 27001 certification
Iso 27001 certificationIso 27001 certification
Iso 27001 certification
 
What is ISO 27001 ISMS
What is ISO 27001 ISMSWhat is ISO 27001 ISMS
What is ISO 27001 ISMS
 
ISO 27001:2022 Introduction
ISO 27001:2022 IntroductionISO 27001:2022 Introduction
ISO 27001:2022 Introduction
 
Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005
 
Iso27001- Nashwan Mustafa
Iso27001- Nashwan MustafaIso27001- Nashwan Mustafa
Iso27001- Nashwan Mustafa
 
Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1
 
S nandakumar
S nandakumarS nandakumar
S nandakumar
 
S nandakumar_banglore
S nandakumar_bangloreS nandakumar_banglore
S nandakumar_banglore
 
UNINFO - BIG DATA & Information Security Standards - Guasconi
UNINFO - BIG DATA & Information Security Standards - GuasconiUNINFO - BIG DATA & Information Security Standards - Guasconi
UNINFO - BIG DATA & Information Security Standards - Guasconi
 
Standards & Framework.pdf
Standards & Framework.pdfStandards & Framework.pdf
Standards & Framework.pdf
 
Standards & Framework.ppt
Standards & Framework.pptStandards & Framework.ppt
Standards & Framework.ppt
 
ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?
ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?
ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?
 
2008: Web Application Security Tutorial
2008: Web Application Security Tutorial2008: Web Application Security Tutorial
2008: Web Application Security Tutorial
 
Integrated Management Systems
Integrated Management SystemsIntegrated Management Systems
Integrated Management Systems
 
Cybersecurity Frameworks for DMZCON23 230905.pdf
Cybersecurity Frameworks for DMZCON23 230905.pdfCybersecurity Frameworks for DMZCON23 230905.pdf
Cybersecurity Frameworks for DMZCON23 230905.pdf
 
Understanding the NIST Risk Management Framework: 800-37 Rev. 2
Understanding the NIST Risk Management Framework: 800-37 Rev. 2Understanding the NIST Risk Management Framework: 800-37 Rev. 2
Understanding the NIST Risk Management Framework: 800-37 Rev. 2
 
Information security management system
Information security management systemInformation security management system
Information security management system
 
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
 
ISO 27001 INFORMATION TECHNOLOGY MANAGEMENT SYSTEM
ISO 27001 INFORMATION TECHNOLOGY MANAGEMENT SYSTEMISO 27001 INFORMATION TECHNOLOGY MANAGEMENT SYSTEM
ISO 27001 INFORMATION TECHNOLOGY MANAGEMENT SYSTEM
 
RSA: CSA GRC Stack Update for the CSA Atlanta Chapter
RSA: CSA GRC Stack Update for the CSA Atlanta ChapterRSA: CSA GRC Stack Update for the CSA Atlanta Chapter
RSA: CSA GRC Stack Update for the CSA Atlanta Chapter
 

More from Jason Rusch - CISSP CGEIT CISM CISA GNSA

NIST sp800 53-v4 Topology
NIST sp800 53-v4 TopologyNIST sp800 53-v4 Topology
NIST sp800 53-v4 Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
ISO.IEC 27000 Series Map
ISO.IEC 27000 Series MapISO.IEC 27000 Series Map
ISO.IEC 27000 Series Map
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
Cobit v5 High Level Controls Topology
Cobit v5 High Level Controls TopologyCobit v5 High Level Controls Topology
Cobit v5 High Level Controls Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
Cobit & ISO 27002 Governance Topology
Cobit & ISO 27002 Governance TopologyCobit & ISO 27002 Governance Topology
Cobit & ISO 27002 Governance Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
GLBA Topology
GLBA TopologyGLBA Topology
GLBA Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
HIPAA Topology
HIPAA TopologyHIPAA Topology
HIPAA Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
ISO.IEC_27001-27002-2013 Topology
ISO.IEC_27001-27002-2013 TopologyISO.IEC_27001-27002-2013 Topology
ISO.IEC_27001-27002-2013 Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
PCI-DSS DESV Topology
PCI-DSS DESV TopologyPCI-DSS DESV Topology
PCI-DSS DESV Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
DATA PROTECTION LAWS OF THE WORLD
DATA PROTECTION LAWS OF THE WORLDDATA PROTECTION LAWS OF THE WORLD
DATA PROTECTION LAWS OF THE WORLD
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
Common Security Framework Summary
Common Security Framework SummaryCommon Security Framework Summary
Common Security Framework Summary
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
Information_Governance_Risk_Compliance_Frameworks (v5)
Information_Governance_Risk_Compliance_Frameworks (v5)Information_Governance_Risk_Compliance_Frameworks (v5)
Information_Governance_Risk_Compliance_Frameworks (v5)
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
SOX Titles Topology
SOX Titles TopologySOX Titles Topology
SOX Titles Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
ITIL v3 Topology
ITIL v3 TopologyITIL v3 Topology
ITIL v3 Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
HITRUST CSF Topology
HITRUST CSF TopologyHITRUST CSF Topology
HITRUST CSF Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
HIPAA Topology
HIPAA TopologyHIPAA Topology
HIPAA Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
GLBA Topology
GLBA TopologyGLBA Topology
GLBA Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
COSO ERM Topology
COSO ERM TopologyCOSO ERM Topology
COSO ERM Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
Octave Topology
Octave TopologyOctave Topology
Octave Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
FFIEC I.T. Booklets Topology
FFIEC I.T. Booklets TopologyFFIEC I.T. Booklets Topology
FFIEC I.T. Booklets Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 

More from Jason Rusch - CISSP CGEIT CISM CISA GNSA (20)

NIST sp800 53-v4 Topology
NIST sp800 53-v4 TopologyNIST sp800 53-v4 Topology
NIST sp800 53-v4 Topology
 
CSA v4 Topology
CSA v4 TopologyCSA v4 Topology
CSA v4 Topology
 
ISO.IEC 27000 Series Map
ISO.IEC 27000 Series MapISO.IEC 27000 Series Map
ISO.IEC 27000 Series Map
 
Cobit v5 High Level Controls Topology
Cobit v5 High Level Controls TopologyCobit v5 High Level Controls Topology
Cobit v5 High Level Controls Topology
 
Cobit & ISO 27002 Governance Topology
Cobit & ISO 27002 Governance TopologyCobit & ISO 27002 Governance Topology
Cobit & ISO 27002 Governance Topology
 
GLBA Topology
GLBA TopologyGLBA Topology
GLBA Topology
 
HIPAA Topology
HIPAA TopologyHIPAA Topology
HIPAA Topology
 
ISO.IEC_27001-27002-2013 Topology
ISO.IEC_27001-27002-2013 TopologyISO.IEC_27001-27002-2013 Topology
ISO.IEC_27001-27002-2013 Topology
 
PCI-DSS DESV Topology
PCI-DSS DESV TopologyPCI-DSS DESV Topology
PCI-DSS DESV Topology
 
DATA PROTECTION LAWS OF THE WORLD
DATA PROTECTION LAWS OF THE WORLDDATA PROTECTION LAWS OF THE WORLD
DATA PROTECTION LAWS OF THE WORLD
 
Common Security Framework Summary
Common Security Framework SummaryCommon Security Framework Summary
Common Security Framework Summary
 
Information_Governance_Risk_Compliance_Frameworks (v5)
Information_Governance_Risk_Compliance_Frameworks (v5)Information_Governance_Risk_Compliance_Frameworks (v5)
Information_Governance_Risk_Compliance_Frameworks (v5)
 
SOX Titles Topology
SOX Titles TopologySOX Titles Topology
SOX Titles Topology
 
ITIL v3 Topology
ITIL v3 TopologyITIL v3 Topology
ITIL v3 Topology
 
HITRUST CSF Topology
HITRUST CSF TopologyHITRUST CSF Topology
HITRUST CSF Topology
 
HIPAA Topology
HIPAA TopologyHIPAA Topology
HIPAA Topology
 
GLBA Topology
GLBA TopologyGLBA Topology
GLBA Topology
 
COSO ERM Topology
COSO ERM TopologyCOSO ERM Topology
COSO ERM Topology
 
Octave Topology
Octave TopologyOctave Topology
Octave Topology
 
FFIEC I.T. Booklets Topology
FFIEC I.T. Booklets TopologyFFIEC I.T. Booklets Topology
FFIEC I.T. Booklets Topology
 

Recently uploaded

Auditing study material for b.com final year students
Auditing study material for b.com final year studentsAuditing study material for b.com final year students
Auditing study material for b.com final year students
narasimhamurthyh4
 
-- June 2024 is National Volunteer Month --
-- June 2024 is National Volunteer Month ---- June 2024 is National Volunteer Month --
-- June 2024 is National Volunteer Month --
NZSG
 
Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...
dylandmeas
 
3.0 Project 2_ Developing My Brand Identity Kit.pptx
3.0 Project 2_ Developing My Brand Identity Kit.pptx3.0 Project 2_ Developing My Brand Identity Kit.pptx
3.0 Project 2_ Developing My Brand Identity Kit.pptx
tanyjahb
 
ikea_woodgreen_petscharity_cat-alogue_digital.pdf
ikea_woodgreen_petscharity_cat-alogue_digital.pdfikea_woodgreen_petscharity_cat-alogue_digital.pdf
ikea_woodgreen_petscharity_cat-alogue_digital.pdf
agatadrynko
 
buy old yahoo accounts buy yahoo accounts
buy old yahoo accounts buy yahoo accountsbuy old yahoo accounts buy yahoo accounts
buy old yahoo accounts buy yahoo accounts
Susan Laney
 
In the Adani-Hindenburg case, what is SEBI investigating.pptx
In the Adani-Hindenburg case, what is SEBI investigating.pptxIn the Adani-Hindenburg case, what is SEBI investigating.pptx
In the Adani-Hindenburg case, what is SEBI investigating.pptx
Adani case
 
amptalk_RecruitingDeck_english_2024.06.05
amptalk_RecruitingDeck_english_2024.06.05amptalk_RecruitingDeck_english_2024.06.05
amptalk_RecruitingDeck_english_2024.06.05
marketing317746
 
Evgen Osmak: Methods of key project parameters estimation: from the shaman-in...
Evgen Osmak: Methods of key project parameters estimation: from the shaman-in...Evgen Osmak: Methods of key project parameters estimation: from the shaman-in...
Evgen Osmak: Methods of key project parameters estimation: from the shaman-in...
Lviv Startup Club
 
Building Your Employer Brand with Social Media
Building Your Employer Brand with Social MediaBuilding Your Employer Brand with Social Media
Building Your Employer Brand with Social Media
LuanWise
 
The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...
Adam Smith
 
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s DholeraTata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
Avirahi City Dholera
 
Premium MEAN Stack Development Solutions for Modern Businesses
Premium MEAN Stack Development Solutions for Modern BusinessesPremium MEAN Stack Development Solutions for Modern Businesses
Premium MEAN Stack Development Solutions for Modern Businesses
SynapseIndia
 
Project File Report BBA 6th semester.pdf
Project File Report BBA 6th semester.pdfProject File Report BBA 6th semester.pdf
Project File Report BBA 6th semester.pdf
RajPriye
 
Top mailing list providers in the USA.pptx
Top mailing list providers in the USA.pptxTop mailing list providers in the USA.pptx
Top mailing list providers in the USA.pptx
JeremyPeirce1
 
Observation Lab PowerPoint Assignment for TEM 431
Observation Lab PowerPoint Assignment for TEM 431Observation Lab PowerPoint Assignment for TEM 431
Observation Lab PowerPoint Assignment for TEM 431
ecamare2
 
Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.
Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.
Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.
AnnySerafinaLove
 
The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...
Adam Smith
 
Recruiting in the Digital Age: A Social Media Masterclass
Recruiting in the Digital Age: A Social Media MasterclassRecruiting in the Digital Age: A Social Media Masterclass
Recruiting in the Digital Age: A Social Media Masterclass
LuanWise
 
Company Valuation webinar series - Tuesday, 4 June 2024
Company Valuation webinar series - Tuesday, 4 June 2024Company Valuation webinar series - Tuesday, 4 June 2024
Company Valuation webinar series - Tuesday, 4 June 2024
FelixPerez547899
 

Recently uploaded (20)

Auditing study material for b.com final year students
Auditing study material for b.com final year studentsAuditing study material for b.com final year students
Auditing study material for b.com final year students
 
-- June 2024 is National Volunteer Month --
-- June 2024 is National Volunteer Month ---- June 2024 is National Volunteer Month --
-- June 2024 is National Volunteer Month --
 
Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...
 
3.0 Project 2_ Developing My Brand Identity Kit.pptx
3.0 Project 2_ Developing My Brand Identity Kit.pptx3.0 Project 2_ Developing My Brand Identity Kit.pptx
3.0 Project 2_ Developing My Brand Identity Kit.pptx
 
ikea_woodgreen_petscharity_cat-alogue_digital.pdf
ikea_woodgreen_petscharity_cat-alogue_digital.pdfikea_woodgreen_petscharity_cat-alogue_digital.pdf
ikea_woodgreen_petscharity_cat-alogue_digital.pdf
 
buy old yahoo accounts buy yahoo accounts
buy old yahoo accounts buy yahoo accountsbuy old yahoo accounts buy yahoo accounts
buy old yahoo accounts buy yahoo accounts
 
In the Adani-Hindenburg case, what is SEBI investigating.pptx
In the Adani-Hindenburg case, what is SEBI investigating.pptxIn the Adani-Hindenburg case, what is SEBI investigating.pptx
In the Adani-Hindenburg case, what is SEBI investigating.pptx
 
amptalk_RecruitingDeck_english_2024.06.05
amptalk_RecruitingDeck_english_2024.06.05amptalk_RecruitingDeck_english_2024.06.05
amptalk_RecruitingDeck_english_2024.06.05
 
Evgen Osmak: Methods of key project parameters estimation: from the shaman-in...
Evgen Osmak: Methods of key project parameters estimation: from the shaman-in...Evgen Osmak: Methods of key project parameters estimation: from the shaman-in...
Evgen Osmak: Methods of key project parameters estimation: from the shaman-in...
 
Building Your Employer Brand with Social Media
Building Your Employer Brand with Social MediaBuilding Your Employer Brand with Social Media
Building Your Employer Brand with Social Media
 
The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...
 
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s DholeraTata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
 
Premium MEAN Stack Development Solutions for Modern Businesses
Premium MEAN Stack Development Solutions for Modern BusinessesPremium MEAN Stack Development Solutions for Modern Businesses
Premium MEAN Stack Development Solutions for Modern Businesses
 
Project File Report BBA 6th semester.pdf
Project File Report BBA 6th semester.pdfProject File Report BBA 6th semester.pdf
Project File Report BBA 6th semester.pdf
 
Top mailing list providers in the USA.pptx
Top mailing list providers in the USA.pptxTop mailing list providers in the USA.pptx
Top mailing list providers in the USA.pptx
 
Observation Lab PowerPoint Assignment for TEM 431
Observation Lab PowerPoint Assignment for TEM 431Observation Lab PowerPoint Assignment for TEM 431
Observation Lab PowerPoint Assignment for TEM 431
 
Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.
Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.
Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.
 
The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...
 
Recruiting in the Digital Age: A Social Media Masterclass
Recruiting in the Digital Age: A Social Media MasterclassRecruiting in the Digital Age: A Social Media Masterclass
Recruiting in the Digital Age: A Social Media Masterclass
 
Company Valuation webinar series - Tuesday, 4 June 2024
Company Valuation webinar series - Tuesday, 4 June 2024Company Valuation webinar series - Tuesday, 4 June 2024
Company Valuation webinar series - Tuesday, 4 June 2024
 

ISO.IEC 27001 27002-2013

  • 1. ISO:IEC 27001:27002 Information Security Management Standard 0 Introduction 01 - Scope 02 - Normative references 03 - Terms and definitions Authored by; Jason P. Rusch 04 - Context of organization 05 - Leadership 06 - Planning 07 - Support 08 - Operation 10 – Improvement 09 – Performance evaluation SECURITY POLICIES ORGANIZATION OF INFORMATION SECURITY HUMAN RESOURCES SECURITY ASSET MANAGEMENT ACCESS CONTROL CRYPTOGRAPHY PHYSICAL AND ENVIRONMENTAL SECURITY OPERATIONS SECURITY INFORMATION SYSTEMS ACQUISITION, DEVELOPMENT/MAINTENANCE SUPPLIER RELATIONSHIPS COMMUNICATIONS SECURITY (11) (10) (12) (13) (14) (15) (09) (08) (07) (06) (05) INFORMATION SECURITY INCIDENT MANAGEMENT (16) INFORMATION SECURITY ASPECTS OF BUSINESS CONTINUITY (17) COMPLIANCE (18) (2) (7) (6) (10) (14) (2) (15) (14) (7) (13) (5) (7) (4) (8) 114 controls in 14 groups 27002:201327001:2013