- Establishes requirements for an organization´s Information Security Management System (ISMS)
- Determines documentation requirements and management responsibility
- Requires internal audits and managerial review of the ISMS
- Demands ISMS improvement
- Provides controls and control objectives derived from best practices in ISO/IEC 27002
No comments:
Post a Comment