ISO/IEC 27001:2013 specifies requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and continuously improving the Information Security Management System within the context of the organization.
ISO 27001 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and continuously improving an Information Security Management System within the context of the organization.
According to the ISO/IEC 27000 series, ISO/IEC 27002 is an International Standard that provides a list of commonly accepted control objectives and best-practice controls to be used as an implementation guide when selecting and implementing controls to achieve information security.
In planning the ISMS implementation in the organization, we should analyze the existing and expected security conditions; this is called gap analysis.
Gap analysis is an activity used to quantitatively assess the actual condition compared with the optimum performance that could be achieved in an information security context.