ISO 27002

The International Organization for Standardization and the International Electrotechnical Commission teamed up to create ISO/IEC 27002, formally titled “Security techniques – Code of practice for information security management.” This standard has been essential in defining best practices for the information security industry, and adherence can drastically improve compliance with compulsory industry regulations. It outlines twelve high-level sections, such as security policy, access control, incident management, and business continuity. Any organization targeting a best-of-breed secure infrastructure should keep this standard at the top of the list.

 

Standards such as ISO 27002 guide organizations in their development and implementation of IT security practices. However, the alphabet soup can be confusing, and organizations can become unsure of how to achieve compliance or when standards compliance is compulsory and when it is optional. AppliedTrust can help navigate these waters.

 

Let us bring a practical approach to your standards compliance effort. Call us at (303) 245-4545 or contact us online.