Take the ISO 27001 course exam and get the EU GDPR course exam for free
LIMITED-TIME OFFER – VALID UNTIL SEPTEMBER 30, 2021

Expert Advice Community

Guest

ISO 27001 and ISO 27002

  Quote
Guest
Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

ISO 27001 and ISO 27002

 Never applied a standard before what is easiest and why is ISO27002 not audited - how do you get it if not audited?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Guest
AntonioS Jan 12, 2016

There is always a first time. If you refer to the implementation of the ISO 27001, it is composed of a series of stages, and depending of the company, each phase can be more or less easy. If you need a checklist for its implementation, please read this “ISO 27001 implementation checklist": https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/
 
If you refer to the implementation of the ISO 27002, also depending of the company will be more/less easy implement the security controls (related to IT, HR, legal, etc.)
 
On the other hand, ISO 27002 is only a code of best practices, this means that the certification bodies not certify it, so there isn´t specific audit for only the ISO 27002. Although you can see in the Annex A of the ISO 27001 all security controls of the ISO 27002 (which are audited in a ISO 27001 audit), but you can only see a brief description, in the ISO 27002 you ca n see for each control an implementation guide. 

 
If you want to know more about the differences between ISO 27001 and ISO 27002, please read this article “ISO 27001 vs. ISO 27002": https://advisera.com/27001academy/knowledgebase/iso-27001-vs-iso-27002/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016

Suggested Topics

Guest user Created:   Jun 14, 2019 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 and ISO 27002

Guest user Created:   Jun 17, 2017 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 and ISO 27002