Expert Advice Community

Home / ISO 27001 & 22301 / Is ISO 27002 acquisition necessary?

Guest

Is ISO 27002 acquisition necessary?

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Mar 02, 2018 Last commented:   Mar 02, 2018

Is ISO 27002 acquisition necessary?

ISO 27001 & 22301
Is it necessary to purchase 27002 standard, or is it’s contents contained completely in Annex A of 270001?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Expert
Rhand Leal Mar 02, 2018

Answer: ISO 27002 provides detailed guidance and recommendations on how to implement controls of ISO 27001 Annex A (which only presents objectives to be achieved and what controls should do), and although its acquisition is not mandatory to implement ISO 27001, it can provide a significant help in the implementation process

These articles will provide you further explanation about ISO 27001 and ISO 27002:
- The basic logic of ISO 27001: How does information security work? https://advisera.com/27001academy/knowledgebase/the-basic-logic-of-iso-27001-how-does-information-security-work/
- ISO 27001 vs. ISO 27002 https://advisera.com/27001academy/knowledgebase/iso-27001-vs-iso-27002/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Mar 02, 2018

Mar 02, 2018

Suggested Topics
LindaK Created:   Sep 08, 2024 ISO 27001 & 22301
Replies: 1
0 0

Template for ISO27001 Audit program
Ash Created:   Jan 21, 2024 ISO 27001 & 22301
Replies: 1
0 1

ISO 27001 Internal Audits
Garry Created:   Dec 10, 2023 ISO 27001 & 22301
Replies: 3
0 0

Understanding the core concepts of RPO & RTO - ISO 22301