
The relationship between ISO 27002 and ISO 27001

ISO/IEC 27002:2005 (ISO 27002) was previously known as ISO/IEC 17799:2005 but was renamed in 2007 to bring it in line with the other Standards in the ISO 27000 family.

ISO 27002 is entitled "Information Technology – Security Techniques – Code of Practice for Information Security Management" and provides guidance and best practice information on the implementation of each of the 133 controls within the Standard.

An organisation wishing to comply with ISO 27002 can select controls from the Standard and implement them based on the best practice contained within the guide.

ISO 27001 is entitled "Information Technology – Security Techniques – Information Security Management Systems Requirements" and provides a framework for organisations that are seeking formal certification.

Certification is provided by an external assessment body that is accredited to certify organisations to ISO 27001.


Copyright © Ultima Risk Management, 2010. All Rights Reserved
