This standard stems from British standard BS 7799, and was adopted by the International Organization for Standardization in 2000. Today it is recognized worldwide as the most comprehensive standard for information security. ISO 27002 defines a comprehensive set of controls comprising information security best practices, which can be applied to organizations of all sizes and types.
ISO 27002 is also known for its flexibility: Its controls are compatible with many different kinds of IT environments, are continuously updated and can be applied to any subsequent technological innovations.
ISO 27002 encompasses best security practices for any organization, regardless of any specific need to obtain certification.
How Modulo Risk Manager can help your business with ISO 27002 certification:
- Performs an initial index- and metrics-based assessment that allows you to measure your organization's current level of ISO 27002 compliance
- Specifies the controls your organization will require for compliance with ISO 27002
- Creates executive reports that enable you to monitor the evolution of control implementation
- Provides a complete listing with technical advice on how to immediately implement necessary controls