UNE-ISO/IEC 27002:2015
Superseded
A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
Information technology -- Security techniques -- Code of practice for information security controls
Hardcopy , PDF
Spanish, Castilian, English - Spanish, Castilian, English
01-07-2015
24-05-2017
This International Standard gives guidelines for organizational information security standards and information security management practices including the selection, implementation and management of controls taking into consideration the organization s information security risk environment(s).
This International Standard is designed to be used by organizations that intend to:
a)select controls within the process of implementing an Information Security Management System based on ISO/IEC 27001;
b)implement commonly accepted information security controls;
c)develop their own information security management guidelines.
| Committee |
CTN 320
|
| DevelopmentNote |
Supersedes UNE ISO/IEC 17799. (12/2009)
|
| DocumentType |
Standard
|
| Pages |
100
|
| PublisherName |
Asociación Española de Normalización
|
| Status |
Superseded
|
| Standards | Relationship |
| ISO/IEC 27002:2013 | Identical |
| ISO/IEC 27002:2013/Cor 1:2014 | Identical |
| BS 1083:1965 | Identical |
| ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
| ISO/IEC 27035:2011 | Information technology — Security techniques — Information security incident management |
| ISO/IEC 11770-2:2008 | Information technology — Security techniques — Key management — Part 2: Mechanisms using symmetric techniques |
| ISO 31000:2009 | Risk management — Principles and guidelines |
| ISO/IEC 27037:2012 | Information technology — Security techniques — Guidelines for identification, collection, acquisition and preservation of digital evidence |
| ISO 22301:2012 | Societal security — Business continuity management systems — Requirements |
| ISO/IEC 27031:2011 | Information technology — Security techniques — Guidelines for information and communication technology readiness for business continuity |
| ISO/IEC 27033-1:2015 | Information technology — Security techniques — Network security — Part 1: Overview and concepts |
| ISO/IEC 27033-5:2013 | Information technology — Security techniques — Network security — Part 5: Securing communications across networks using Virtual Private Networks (VPNs) |
| ISO/IEC 20000-1:2011 | Information technology — Service management — Part 1: Service management system requirements |
| ISO/IEC 27036-3:2013 | Information technology — Security techniques — Information security for supplier relationships — Part 3: Guidelines for information and communication technology supply chain security |
| ISO/IEC 20000-2:2012 | Information technology — Service management — Part 2: Guidance on the application of service management systems |
| ISO/IEC 27005:2011 | Information technology — Security techniques — Information security risk management |
| ISO/IEC 29101:2013 | Information technology — Security techniques — Privacy architecture framework |
| ISO/IEC 27033-4:2014 | Information technology — Security techniques — Network security — Part 4: Securing communications between networks using security gateways |
| ISO/IEC 27036-1:2014 | Information technology — Security techniques — Information security for supplier relationships — Part 1: Overview and concepts |
| ISO/IEC 27036-2:2014 | Information technology — Security techniques — Information security for supplier relationships — Part 2: Requirements |
| ISO/IEC TR 27008:2011 | Information technology — Security techniques — Guidelines for auditors on information security controls |
| ISO/IEC 27007:2017 | Information technology — Security techniques — Guidelines for information security management systems auditing |
| ISO/IEC 27033-3:2010 | Information technology — Security techniques — Network security — Part 3: Reference networking scenarios — Threats, design techniques and control issues |
| ISO/IEC 27033-2:2012 | Information technology — Security techniques — Network security — Part 2: Guidelines for the design and implementation of network security |
| ISO 22313:2012 | Societal security — Business continuity management systems — Guidance |
| ISO/IEC 27000:2016 | Information technology — Security techniques — Information security management systems — Overview and vocabulary |
| ISO/IEC 11770-1:2010 | Information technology — Security techniques — Key management — Part 1: Framework |
| ISO 15489-1:2016 | Information and documentation — Records management — Part 1: Concepts and principles |
| ISO/IEC 11770-3:2015 | Information technology — Security techniques — Key management — Part 3: Mechanisms using asymmetric techniques |
| ISO/IEC 29100:2011 | Information technology — Security techniques — Privacy framework |
Access your standards online with a subscription
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.
Important note : Users cannot be edited or removed once added to your Multi user PDF.