Revision to 27002 question
Assign topic to the user
Please note that the elements (Attribute, Control, Purpose, Guidance, and Other information) are part of each control and that each control is referred to at least one element in the five control attributes. So, by electing one attribute to sort the controls, you can group them according to each element they cover.
For example, control 5.1 Policies for Information Security, in its attribute Control type is classified as preventive, while control 7.4 Physical Security Monitoring in its attribute Control type is classified as preventive and detective.
Considering that, you can work these controls together considering that you can develop a Physical Security Monitoring Policy (a preventive measure), which can define rules for implementing CCTV monitoring and motion sensors for detection of unauthorized access (a detective measure).
For more detailed information about the ISO 27002 revision, please download this free white paper:
- What are the new security controls in ISO 27002:2022? https://info.advisera.com/27001academy/free-download/overview-of-new-security-controls-in-iso-27002/
Comment as guest or Sign in
Jul 20, 2022