Controls (Annex A) A.5: Information Security Policies – Controlling how policies are written and revised A.6: Information Security Organization – Controls on how responsibilities are assigned; also includes controls for mobile devices A.7: Human Resources Security – Pre-employment, during and after employment controls A.8: Asset management – Asset inventory and acceptable use controls; also for information classification and media...
ISO 27001 is a standard which helps organizations manage information security. It was published by International Standardization Organization (ISO). The latest revised version is ISO 27001:2013. First version was published in 2005. This standard was developed on British Standards BS 7799-2. Which type of organizations can get certified for ISO 27001? ISO 27001 can be implemented in any...