Assign topic to the user
Answer: ISO 27003 refers to aspects needed for successful design and implementation of an Information Security Management System, but it is not a mandatory requirement for ISO 27001 implementation. You can think of it as a supporting tool, which will help you to better plan your implementation project, but you should consider these points:
1) ISO 27003 is very difficult to read - definitely not for beginners
2) Last version of ISO 27003 was published in 2010, i.e. before ISO 27001:2013 was published - therefore, it is not cover the changes of the current ISO 27001:2013
This article will provide you further explanation about ISO 27001 implementation:
- ISO 27001 implementation checklist https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/
- How to address main concerns with ISO 27001 implementation https://advisera.com/27001academy/blog/2013/10/22/how-to-address-main-concerns-with-iso-27001-implementation/
- How much does ISO 27001 implementation cost? https://advisera.com/27001academy/blog/2011/02/08/how-much-does-iso-27001-implementation-cost/
These materials will also help you regarding ISO 27001 implementation:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free webinar - ISO 27001: An overview of the ISMS implementation process https://advisera.com/27001academy/webinar/iso-27001-overview-isms-implementation-process-free-webinar-demand/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Feb 01, 2017