Course: Security Frameworks Fundamentals
ISO 27001/2: A global approach with certification
- [Instructor] ISO 27001 is an information security standard that positions information security under management control and outlines specific requirements. It specifically aims to put an information security management system, or ISMS, in place to ensure comprehensive coverage of all assets and data. That means it's not just IT. Things such as paperwork and proprietary knowledge are included as well. ISO 27002 is a supporting standard that outlines how controls in the ISMS can be implemented. This standard is published jointly by ISO, or the International Organization for Standardization, and the IEC, or International Electrotechnical Commission. ISO 27001 does not formally mandate specific controls. It allows for flexibility. Organizations can choose which ones are applicable controls by doing a comprehensive assessment of their risks. Further, companies are not required to mitigate all risks. All that is required is to…