Skip to Main Content
0
USA
Select regional store:
Please enter more than 3 characters
Privacy as a Service | The simplest, fastest, and most affordable way to comply with data privacy laws | Find out more
Cybersecurity > Cybersecurity Standards > ISO/IEC 27001 2013 and ISO/IEC 27002 2013 Standards
ISO/IEC 27001 2013 and ISO/IEC 27002 2013 Standards

ISO/IEC 27001 2013 and ISO/IEC 27002 2013 Standards

Leave a review

SKU: 4332
Publishers: ISO/IEC
Format: PDF
Published: 01 Sep 2013
Availability: Available to Order

Cybersecurity is an understandable concern for any organization, but an effective Information Security Management System (ISMS) can significantly reduce the risk of exposure to security breaches which an organization faces.

If you are implementing or thinking about implementing an ISMS, you will need both the ISO 27001 and ISO 27001 standards as your principle point of reference.

Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account. Apply online today or call our training sales team on +1 877 317 3454.

Price: $340.00

You may also be interested in

ISO27001/ISO27002 A Pocket Guide
ISO27001/ISO27002 A Pocket Guide, Second Edition
Certified ISO 27001 ISMS Foundation Online Training Course
Certified ISO 27001 ISMS Foundation Training Course
ISO 27001 Cybersecurity Documentation Toolkit | IT Governance USA
ISO 27001 Cybersecurity Toolkit
ISO/IEC 27701 2019 Standard
ISO/IEC 27701 2019 Standard
Description

The two standards included here are ISO/IEC27001:2013 and ISO/IEC 27002:2013.

  • ISO/IEC 27001:2013 is the new international Standard which details the requirements for an ISMS
  • ISO/IEC 27002:2013 is the new international Standard which supports the implementation of an ISMS based on the requirements of ISO 27001

If you are implementing or thinking about implementing an ISMS, you need both of these standards as your principle point of reference. ISO 27001 is the only security Standard that takes an integrated approach to information security, addressing the three essential facets of cyber security (people, processes and technology) in a single cohesive strategy. With the new, 2013, version, implementation has never been easier.

Why is ISO 27001:2013 easier to implement than the previous version?

  • The asset-based risk assessment approach is no longer a requirement: any form of risk assessment can be applied.
  • Any set of control frameworks can be used; mapping can be done back to the controls in Annex A once organizational compliance obligations have been met.
  • The new standard is more accommodating in respect of recognising that different organizations have different risk appetites and businesses drivers.
  • Any form of continual improvement methodology can be applied to ensure that adequate measures and controls are maintained.
  • The new standard is able to integrate with other management system frameworks, making it easier for organizations aligning to more than one standard.
  • The standard is better suited to the governance environment of a larger organization than the previous version.

For more guidance on ISO 27001, visit our information pages.

Corrigenda

Please note that two Technical Corrigenda have been issued since ISO/IEC 27001:2013 was published. These can be downloaded free of charge direct from ISO via the following links:

Customer reviews

Please login to your account to leave a review.
top
This website uses cookies. View our cookie policy
Loading...