Saturday, June 4, 2016

ISO 27001/27002 Comparison

* ISO 27001 is the formal set of specifications against which organizations may seek independent certification of their ISMS.

* ISO 27002 contains a structured set of suggested controls that may be used by organizations as appropriate to address information security risk.

Reference from CISA Review Manual (p.109)
