ISO 27002 (International Organization for Standarization)

Are your Information Security Standards compliant?

 Which Regulations Matter for Your Organization?

The ISO 27002 standard is a collection of information security guidelines that are intended to help an organization implement, maintain, and improve its information security management.

What to know about the ISO 27002:

ISO 27002 is published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). ISO 27002 was originally named ISO/IEC 1779, and published in 2000. It was updated in 2005, when it was accompanied by the newly published ISO 27001. The two standards are intended to be used together, with one complimenting the other.

The standards are updated regularly to incorporate references to other ISO/IEC issued security standards such as ISO/IEC 27000 and ISO/IEC 27005, in addition to add information security best practices that emerged since previous publications. These include the selection, implementation and management of controls based on an organization’s unique information security risk environment.

What You Need to Do - and How MDS Can Help:

The suggested contros listed in the standard are intended to address specific issues identified during a formal risk assessment. The standard is also intended to provide a guide for the development of security standards and effective security management practices.

In 2013 the current version was published. ISO 27002: 2013 contains 114 controls, as opposed to the 133 documented within the 2005 version. , these are presented in fourteen sections, rather than the original eleven. MDS can assist in adhering to the following 14 sections of ISO 17002 Controls:

The Contents Sections of ISO 27002: 2013:
  1. Structure
  2. Security Policy
  3. Organizatino of Information Security
  4. Human Resources Security
  5. Asset Management
  6. Access Control
  7. Cryptography
  8. Physical and Environmental Security
  9. Operations Security
  10. Communications Security
  11. Information Systems Acquisition, Development, Maintenance
  12. Supplier Relationships
  13. Information Secuiryt Incident Management
  14. Information Security Aspects of Business Continuity
  15. Compliance

Which Regulations Matter to You?

The certified professionals at MDS will help you determine which regulations your organization needs to meet.

Our Pledge:

Building out and maintaining your IT ecosystem doesn’t have to be a do-it-yourself project. MDS can help identify network issues, configure devices, and optimize your infrastructure to maximize efficiency and performance. Our consultants are highly trained technology specialists that understand the complexities of multi-vendor environments and have the knowledge and skills to help your business become more agile, customer-focused and operationally efficient.


NYC Headquarters:
307 West 38th Street, Suite 1801
New York, NY 10018
Tel: 646-744-1000

Miami Office:

Tel: 786-899-2980
San Juan Office:
Tel: 646-460-6229