ISO/IEC 27001 - Information Technology –
Security Techniques - Information Security Management System
was adopted to address the topic of information security management. The ISMS provides a framework to initiate,
implement, maintain and manage information security within an organisation. It
also preserves the confidentiality, integrity and availability of information
by applying a risk management process and gives confidence to interested
parties that risks are adequately managed.
ISO/IEC 27002 - Information Technology – Security Techniques - Code of Practice
for Information Security Management
This standard is
designed for organisations to use as a reference for selecting controls within
the process of implementing an Information Security Management System based on
ISO/IEC 27001 or as a guidance document for organisations implementing commonly
accepted Information Security Controls. It can be regarded as a comprehensive
catalogue of good security things to do.
are on sale at the Mauritius Standards Bureau.
Contact Person: Mr Rkhedan