Intermediary device security
I am new to the ISO 27000 series, and I would like to know where I will be able to find intermediary device security requirements In order to adhere to the ISO standards.
Assign topic to the user
ISO 27k series of standards does not have technical standards, i.e. they do not define technical security requirements. The main standard in the series is ISO 27001, and it works on the principle that you have to identify risks, and then based on those risks you have to define for yourself which kind of technical controls are applicable. In other words, to be compliant for ISO 27001, you need to set your own internal standards and rules, and make sure you comply with them.
If you want more technically-oriented standards, you can take a look at NIST sp800 series: https://csrc.nist.gov/publications/sp800
Learn more here: The basic logic of ISO 27001: How does information security work? https://advisera.com/27001academy/knowledgebase/the-basic-logic-of-iso-27001-how-does-information-security-work/
You'll also find this free online training useful: ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Oct 13, 2020