ISO 27002


ISO 27002 is an international code of practice for information security management that provides 127 information security guidelines under 10 major headings.

The purpose of ISO 27002 is to give those responsible for information security management recommendations that serve as a common basis for developing organizational security standards and effective security management practice.

The 10 major Categories covered in ISO 27002 are:

  1. Security Policy
  2. Organizational Security
  3. Asset Classification and Control
  4. Personnel Security
  5. Physical and Environmental Security
  6. Communication and Operations Management
  7. Access Control
  8. System Development and Maintenance
  9. Business Continuity Management
  10. Compliance

Using Pivot Group to Assist with ISO 27002 Compliance

Pivot Group can provide an ISO 27002 Audit and Assessment that delivers:

  1. Detailed findings on each of the 10 Categories
  2. ISO 27002 Compliance by Category
  3. Detailed recommendations to improve areas of non-compliance

For more information about ISO 27002, please refer to our Resource Guide.