ISO/IEC 27002:2005 - Revision history

User: The LinkTitles extension automatically added links to existing pages (https://github.com/bovender/LinkTitles).

2021-02-06T16:15:53Z

The LinkTitles extension automatically added links to existing pages (https://github.com/bovender/LinkTitles).

User at 18:12, 18 December 2019

2019-12-18T18:12:02Z

User: Created page with "ISO/IEC 27002:2005 comprises ISO/IEC 17799:2005 and ISO/IEC 17799:2005/Cor.1:2007. Its technical content is identical to that of ISO/IEC 17799:2005. ISO/IEC 17799:2005/Cor.1:2..."

2019-12-18T18:00:02Z

Created page with "ISO/IEC 27002:2005 comprises ISO/IEC 17799:2005 and ISO/IEC 17799:2005/Cor.1:2007. Its technical content is identical to that of ISO/IEC 17799:2005. ISO/IEC 17799:2005/Cor.1:2..."

New page

ISO/IEC 27002:2005 comprises ISO/IEC 17799:2005 and ISO/IEC 17799:2005/Cor.1:2007. Its technical content is identical to that of ISO/IEC 17799:2005. ISO/IEC 17799:2005/Cor.1:2007 changes the reference number of the standard from 17799 to 27002.

ISO/IEC 27002:2005 establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization. The objectives outlined provide general guidance on the commonly accepted goals of information security management. ISO/IEC 27002:2005 contains best practices of control objectives and controls in the following areas of information security management:
*security policy;
*organization of information security;
*asset management;
*human resources security;
*physical and environmental security;
*communications and operations management;
*access control;
*information systems acquisition, development and maintenance;
*information security incident management;
*business continuity management;
*compliance.
The control objectives and controls in ISO/IEC 27002:2005 are intended to be implemented to meet the requirements identified by a risk assessment. ISO/IEC 27002:2005 is intended as a common basis and practical guideline for developing organizational security standards and effective security management practices, and to help build confidence in inter-organizational activities.<ref> What is ISO/IEC 27002:2005 [https://www.iso.org/standard/50297.html ISO.org]</ref>

← Older revision		Revision as of 18:12, 18 December 2019
Line 1:		Line 1:
−	ISO/IEC 27002:2005 comprises ISO/IEC 17799:2005 and ISO/IEC 17799:2005/Cor.1:2007. Its technical content is identical to that of ISO/IEC 17799:2005. ISO/IEC 17799:2005/Cor.1:2007 changes the reference number of the standard from 17799 to 27002.	+	'''ISO/IEC 27002:2005''' comprises ISO/IEC 17799:2005 and ISO/IEC 17799:2005/Cor.1:2007. Its technical content is identical to that of ISO/IEC 17799:2005. ISO/IEC 17799:2005/Cor.1:2007 changes the reference number of the standard from 17799 to 27002.

	ISO/IEC 27002:2005 establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization. The objectives outlined provide general guidance on the commonly accepted goals of information security management. ISO/IEC 27002:2005 contains best practices of control objectives and controls in the following areas of information security management:		ISO/IEC 27002:2005 establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization. The objectives outlined provide general guidance on the commonly accepted goals of information security management. ISO/IEC 27002:2005 contains best practices of control objectives and controls in the following areas of information security management:

@@ Line 1: / Line 1: @@
-'''ISO/IEC 27002:2005''' comprises ISO/IEC 17799:2005 and ISO/IEC 17799:2005/Cor.1:2007. Its technical content is identical to that of ISO/IEC 17799:2005. ISO/IEC 17799:2005/Cor.1:2007 changes the reference number of the standard from 17799 to 27002.
+'''ISO/IEC 27002:2005''' comprises ISO/IEC 17799:2005 and ISO/IEC 17799:2005/Cor.1:2007. Its technical content is identical to that of ISO/IEC 17799:2005. ISO/IEC 17799:2005/Cor.1:2007 changes the reference number of the [[standard]] from 17799 to 27002.
-ISO/IEC 27002:2005 establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization. The objectives outlined provide general guidance on the commonly accepted goals of information security management. ISO/IEC 27002:2005 contains best practices of control objectives and controls in the following areas of information security management:
+ISO/IEC 27002:2005 establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security [[management]] in an [[organization]]. The objectives outlined provide general guidance on the commonly accepted [[goals]] of information security management. ISO/IEC 27002:2005 contains best practices of [[control]] objectives and controls in the following areas of information security management:
-*security policy;
+*security [[policy]];
 *organization of information security;
-*asset management;
+*[[asset]] management;
 *human resources security;
 *physical and environmental security;
 *communications and operations management;
 *access control;
-*information systems acquisition, development and maintenance;
+*information systems [[acquisition]], development and maintenance;
 *information security incident management;
-*business continuity management;
+*[[business]] continuity management;
-*compliance.
+*[[compliance]].
-The control objectives and controls in ISO/IEC 27002:2005 are intended to be implemented to meet the requirements identified by a risk assessment. ISO/IEC 27002:2005 is intended as a common basis and practical guideline for developing organizational security standards and effective security management practices, and to help build confidence in inter-organizational activities.<ref> What is ISO/IEC 27002:2005 [https://www.iso.org/standard/50297.html ISO.org]</ref>
+The control objectives and controls in ISO/IEC 27002:2005 are intended to be implemented to meet the requirements identified by a [[risk]] assessment. ISO/IEC 27002:2005 is intended as a common basis and practical [[guideline]] for developing organizational security standards and effective security management practices, and to help build confidence in inter-organizational activities.<ref> What is ISO/IEC 27002:2005 [https://www.iso.org/standard/50297.html ISO.org]</ref>