ISO 27002 Checklist

Checklist for Standard ISO/IEC. This product comes with 4 hours of free consultation. SEPT will answer any question concerning the standard or Checklist for 60 days after purchase.

Several people have asked for an IT Audit Program Template for an audit based on the ISO/IEC 27002:2005(E) security standard. This template, which can be found here [download], will help you in your assessment of an organization’s information security program for CobiT Maturity Level 4.

CobiT Maturity Level 4, Managed and Measurable, states that the status of the Internal Control Environment is: “There is an effective internal control and risk management environment. A formal, documented evaluation of controls occurs frequently. Many controls are automated and regularly reviewed. Management is likely to detect most control issues, but not all issues are routinely identified. There is consistent follow-up to address identified control weaknesses. A limited, tactical use of technology is applied to automate controls.”

CobiT Maturity Level 4, Managed and Measurable, states for the Establishment of Internal Controls: “IT process criticality is regularly defined with full support and agreement from the relevant business process owners. Assessment of control requirements is based on policy and the actual maturity of these processes, following a thorough and measured analysis involving key stakeholders. Accountability for these assessments is clear and enforced. Improvement strategies are supported by business cases. Performance in achieving the desired outcomes is consistently monitored. External control reviews are organized occasionally.”

As an example, one of the questions in the section on “Allocation of information security responsibilities” is written as follows:

Are the assets and security processes associated with each particular system identified and clearly defined?

While this is a straightforward “yes” or “no” question, in order to answer that question the IT auditor would need to look at an organization’s Business Impact Analysis and verify that the assets and security processes were indeed identified and clearly defined.

You will also notice that I have cross-referenced each of the steps to the appropriate sections within CobiT.

I hope the template ISO27002 Security Framework will be of assistance to you.

Kenneth

ISO 27002 Checklist: available formats (priced from, in USD)

    • Self Extracting File Format: Editable Word Document, Immediate Download. Priced from $399.00
    • PDF: Single-User PDF, Immediate Download. Priced from $199.00
    • Printed Edition: Ships in 1-2 business days. Priced from $199.00

About This Item

Full Description

New! Order the 'Self-Extracting File Format' option to get this product in an editable Microsoft Word document!
ISO/IEC 27002:2013 gives guidelines for organizational information security standards and information security management practices including the selection, implementation and management of controls taking into consideration the organization's information security risk environment(s).
It is designed to be used by organizations that intend to:
  • select controls within the process of implementing an Information Security Management System based on ISO/IEC 27001;
  • implement commonly accepted information security controls;
  • develop their own information security management practices.

The updates included in the ISO/IEC 27002:2013 guidelines standard are listed at a high level in an Annexed reference in ISO 27001:2013 as appropriate guidance to demonstrate conformance to ISO/IEC 27001:2013. If an organization is interested in testing its conformance to ISO/IEC 27001:2013, this checklist will provide an analysis of the detail in the ISO/IEC 27002 guidelines that forms a part of ISO/IEC 27001:2013. However, if the organization is only interested in the guidance in ISO/IEC 27002:2013, this checklist provides a list of all items suggested in those guidelines.

Browse related products from Software Engineering Process Technology
