Guest user Created: Jun 17, 2017 Last commented: Jun 17, 2017

ISO 27001 and ISO 27002

I am currently heading IT Infra of a large company. To improvise my personal qualification bank and to possibly implement ISO in the company, I would like to which should I pursue - 27001 or 27002. I also want to add its weight to my CV.

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Jun 17, 2017

Answer: Since you mentioned your current role is heading IT infra, I'd suggest you pursue first ISO 27001 knowledge, because it can help you understand how justify and prioritize which security controls should be implemented and how they should be managed, activities more related to your role. Additionally, if you are considering ISO implementation, ISO 27001 is the standard to be considered, since ISO 27002 is not certifiable.

ISO 27002 focuses on details and recommendations to be observed for implementing ISO 27001 Annex A controls, and are more recommended for technical and operational personnel.

This article will provide you further explanation about ISO 27001 and ISO 27002 standards:
- ISO 27001 vs. ISO 27002 https://advisera.com/27001academy/knowledgebase/iso-27001-vs-iso-27002/

These materials will also help you regarding ISO 27001 and ISO 27002 standards:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jun 17, 2017

Expert Advice Community