ISO 27002 Compliance When Formulating an Information Management and Security Policy Checklist

Summary

The ISO 27002 standard is a code of practice for information security that sets out guidelines and general principles for developing and implementing information security management policies. Developed jointly by the International Organization for Standardization (ISO) and International Electrotechnical Commission (IES), the standard assumes companies will undertake an appropriate risk assessment before preparing their data security policies and use the standard to implement solutions to the particular issues identified.