Es necesario conocer y dominar la ISO 27003 para la implementación de la ISO 27001? (Is it necessary to know and master ISO 27003 for the implementation of ISO 27001?)
Assign topic to the user
Expert
Rhand Leal
Feb 01, 2017
Answer: ISO 27003 refers to aspects needed for successful design and implementation of an Information Security Management System, but it is not a mandatory requirement for ISO 27001 implementation. You can think of it as a supporting tool, which will help you to better plan your implementation project, but you should consider these points:
1) ISO 27003 is very difficult to read - definitely not for beginners
2) Last version of ISO 27003 was published in 2010, i.e. before ISO 27001:2013 was published - therefore, it is not cover the changes of the current ISO 27001:2013
This article will provide you further explanation about ISO 27001 implementation:
- ISO 27001 implementation checklist https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/
- How to address main concerns with ISO 27001 implementation https://advisera.com/27001academy/blog/2013/10/2 2/how-to-address-main-concerns-with-iso-27001-implementation/
- How much does ISO 27001 implementation cost? https://advisera.com/27001academy/blog/2011/02/08/how-much-does-iso-27001-implementation-cost/
These materials will also help you regarding ISO 27001 implementation:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free webinar - ISO 27001: An overview of the ISMS implementation process https://advisera.com/27001academy/webinar/iso-27001-overview-isms-implementation-process-free-webinar-demand/
- Free online training ISO 27001 Foundations Course https://training.advisera.com/course/iso-27001-foundations-course/
Comment as guest or Sign in
Feb 01, 2017
Feb 01, 2017
Feb 01, 2017