ISO 27001 and ISO 27002
Answer: Since you mentioned your current role is heading IT infra, I'd suggest you pursue ISO 27001 knowledge first, because it can help you understand how to justify and prioritize which security controls should be implemented and how they should be managed, activities more related to your role. Additionally, if you are considering ISO implementation, ISO 27001 is the standard to be considered, since ISO 27002 is not certifiable.
ISO 27002 focuses on details and recommendations to be observed for implementing ISO 27001 Annex A controls, and is more recommended for technical and operational personnel.
This article will provide you with further explanation about the ISO 27001 and ISO 27002 standards:
- ISO 27001 vs. ISO 27002 https://advisera.com/27001academy/knowledgebase/iso-27001-vs-iso-27002/
These materials will also help you regarding ISO 27001 and ISO 27002 standards:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Jun 17, 2017