Monday, March 30, 2009

How ISO 27001:2005 works

ISO/IEC 27001:2005 covers twelve sections:

  1. Security Policy
  2. Organisation of Information Security
  3. Asset Management
  4. Human Resources Security
  5. Physical and Environmental Security
  6. Communications and Operations
  7. Management
  8. Access Control
  9. Information Systems Acquisition, Development and Maintenance
  10. Information Security Incident Management
  11. Business Continuity Management
  12. Compliance

4 comments: