Naming of ISO 27001 Annex
Assign topic to the user
ISO 27001 Annex A is directly related in numbering to ISO 27002 (a non-mandatory standard which provides guidance for implementation of Annex A controls), and sections 1 to 4 in ISO 27002 do not cover controls:
0 Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Structure of this standard
From section 5 onwards, the section title is the same from the respective ISO 27001 Annex A section. For example, both ISO 27001 Annex A.5 section and ISO 27002 section 5 are titled A.5 “Information security policies”
This article will provide you a further explanation about ISO 27001 and ISO 27002:
- ISO 27001 vs. ISO 27002 https://advisera.com/27001academy/knowledgebase/iso-27001-vs-iso-27002/
Comment as guest or Sign in
Dec 08, 2021