Are your Information Security Standards compliant?
Which Regulations Matter for Your Organization?
What to know about the ISO 27002:
ISO 27002 is published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). ISO 27002 was originally named ISO/IEC 1779, and published in 2000. It was updated in 2005, when it was accompanied by the newly published ISO 27001. The two standards are intended to be used together, with one complimenting the other.
The standards are updated regularly to incorporate references to other ISO/IEC issued security standards such as ISO/IEC 27000 and ISO/IEC 27005, in addition to add information security best practices that emerged since previous publications. These include the selection, implementation and management of controls based on an organization’s unique information security risk environment.
What You Need to Do - and How MDS Can Help:
The suggested contros listed in the standard are intended to address specific issues identified during a formal risk assessment. The standard is also intended to provide a guide for the development of security standards and effective security management practices.
In 2013 the current version was published. ISO 27002: 2013 contains 114 controls, as opposed to the 133 documented within the 2005 version. , these are presented in fourteen sections, rather than the original eleven. MDS can assist in adhering to the following 14 sections of ISO 17002 Controls:
The Contents Sections of ISO 27002: 2013:
- Security Policy
- Organizatino of Information Security
- Human Resources Security
- Asset Management
- Access Control
- Physical and Environmental Security
- Operations Security
- Communications Security
- Information Systems Acquisition, Development, Maintenance
- Supplier Relationships
- Information Secuiryt Incident Management
- Information Security Aspects of Business Continuity
Building out and maintaining your IT ecosystem doesn’t have to be a do-it-yourself project. MDS can help identify network issues, configure devices, and optimize your infrastructure to maximize efficiency and performance. Our consultants are highly trained technology specialists that understand the complexities of multi-vendor environments and have the knowledge and skills to help your business become more agile, customer-focused and operationally efficient.