Meaning of information to ISO 27001
Question refers to this article: European 2017 Revision of ISO/IEC 27001: What has changed? https://advisera.com/27001academy/blog/2017/10/25/european-2017-revision-of-isoiec-27001-what-has-changed/
Assign topic to the user
ISO 27002 corrigendum related to change of control objective A.8.1.1 in ISO 27001 does not add any clarification regarding the meaning of information. It only makes texts adjustments regarding the change of control objective. To see this related corrigendum, please access this ISO page: https://www.iso.org/obp/ui/#iso:std:iso-iec:27002:ed-2:v1:cor:1:v1:en
In fact, ISO 27001 series do not define the meaning of information, allowing organizations to use the definition considered more appropriate to their context. So, my recommendation to you is that your organization document a definition for information that is adequate to its context and implement its controls according this definition.
Comment as guest or Sign in
Nov 03, 2017