This standard has been revised by ISO/IEC 27002:2022
Abstract
ISO/IEC 27002:2013 gives guidelines for organizational information security standards and information security management practices including the selection, implementation and management of controls taking into consideration the organization's information security risk environment(s).
It is designed to be used by organizations that intend to:
- select controls within the process of implementing an Information Security Management System based on ISO/IEC 27001;
- implement commonly accepted information security controls;
- develop their own information security management guidelines.
-
Status: WithdrawnPublication date: 2013-10
-
Edition: 2Number of pages: 80
-
Technical Committee: ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection
-
- ICS :
- 35.030 IT Security
People also bought
- Information technologySecurity techniquesInformation security management systemsOverview and vocabulary
- ISO/IEC 27001:2013 [Withdrawn]Information technologySecurity techniquesInformation security management systemsRequirements
- ISO/IEC 27005:2018 [Withdrawn]Information technologySecurity techniquesInformation security risk management
Life cycle
-
Previously
WithdrawnISO/IEC 27002:2005
-
Now
-
00
Preliminary
-
10
Proposal
-
20
Preparatory
-
30
Committee
-
40
Enquiry
-
50
Approval
-
60
Publication
-
90
Review
-
95
Withdrawal
Corrigenda / Amendments
WithdrawnISO/IEC 27002:2013/Cor 1:2014
WithdrawnISO/IEC 27002:2013/Cor 2:2015
-
00
-
Revised by
PublishedISO/IEC 27002:2022
This may also interest you
News
Why education is our best weapon against cybercrime.
The standard for IS governance just updated.
At a time when more of us are connected and working remotely than ever before, it’s good to know that there are people like SC 27 keeping our online activities secure with ISO standards.
ISO/IEC 27009, just updated, will enable businesses and organizations from all sectors to coherently address information security, cybersecurity and privacy protection.
Software attacks, theft of intellectual property or sabotage are just some of the many information security risks that organizations face. And the consequences can be huge. Most organizations have controls …
Pages
IT security, cybersecurity and privacy protection are vital for companies and organizations today. The ISO/IEC 27000 family of standards keeps them safe.
Got a question?
Check out our FAQs
Customer care
+41 22 749 08 88
Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)