Skip to main content

ISO/IEC 27002:2005

Withdrawn Date published:

Warning: Withdrawn Standard. This document has been replaced by:

Information technology — Security techniques — Code of practice for information security management

ISO/IEC 27002:2005 comprises ISO/IEC 17799:2005 and ISO/IEC 17799:2005/Cor.1:2007. Its technical content is identical to that of ISO/IEC 17799:2005. ISO/IEC 17799:2005/Cor.1:2007 changes the reference number of the standard from 17799 to 27002.

ISO/IEC 27002:2005 establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization. The objectives outlined provide general guidance on the commonly accepted goals of information security management. ISO/IEC 27002:2005 contains best practices of control objectives and controls in the following areas of information security management:

  • security policy;
  • organization of information security;
  • asset management;
  • human resources security;
  • physical and environmental security;
  • communications and operations management;
  • access control;
  • information systems acquisition, development and maintenance;
  • information security incident management;
  • business continuity management;
  • compliance.

The control objectives and controls in ISO/IEC 27002:2005 are intended to be implemented to meet the requirements identified by a risk assessment. ISO/IEC 27002:2005 is intended as a common basis and practical guideline for developing organizational security standards and effective security management practices, and to help build confidence in inter-organizational activities.

Get this standard Prices exclude GST
PDF ( Single user document)
$91.24 NZD
HardCopy
$91.24 NZD
Networkable PDF
Price varies
Preview only close
Prev {{ page }}/ {{ numPages }} Next
Preview only close
Prev {{ page }}/ {{ numPages }} Next
Pages: 115

Keep me up-to-date

Sign up to receive updates when there are changes to this standard

Related Information

Similar Standards

  • BS 10754-1:2018

    Information technology. Systems trustworthiness, Governance and management specification

  • BS 7799-3:2017

    Information security management systems, Guidelines for information security risk management

  • BS 8626:2020

    Design and operation of online user identification systems. Code of practice

  • BS EN 16495:2019

    Air Traffic Management. Information security for organisations supporting civil aviation operations

Preview only close
Prev {{ page }}/ {{ numPages }} Next
Preview only close
Prev {{ page }}/ {{ numPages }} Next
Pages: 115

ISO/IEC 27002:2005

Get this standard Prices exclude GST
PDF ( Single user document)
$91.24 NZD
HardCopy
$91.24 NZD
Networkable PDF
Price varies

Request to add this standard to your subscription

ISO/IEC 27002:2005

Price varies
Online library subscription

Click "Send request for subscription" to request for your Account Administrator to add this standard to your subscripiton.

Comment

Cancel