A comprehensive and internationally recognized standard for security management systems. Includes a list of policies, procedures and controls.
Concepts
Certification Requirements
Stage 1
- Have a Statement of Applicability
- Have a Risk Treatment Plan
- Have an organization information security policy
Stage 2
- An audit is to be performed to determine if security policy is correctly implemented