ISO 27002 clarification
Assign topic to the user
First of all, ISO/IEC 27002:2013 is not a management standard - ISO 27002 is only a guideline on how to implement the security controls from ISO 27001. See also this article: ISO 27001 vs ISO 27002: https://advisera.com/27001academy/knowledgebase/iso-27001-vs-iso-27002/
ISO 27001:2013 is a management standard, and it is the only management standard in the ISO 27k series. This 2013 revision of ISO 27001 had a predecessor (2005 revision of ISO 27001), so this might have caused the confusion.
See also this article: Infographic: New ISO 27001 2013 revision What has changed? https://advisera.com/27001academy/knowledgebase/infographic-new-iso-27001-2013-revision-what-has-changed/
Comment as guest or Sign in
Jan 12, 2016