Published in June 2008, this standard provides an approach to risk assessment of a company computer. The basic notions Privacy / Availability / Integrity face the threats in order to prioritize the importance of making treatment decisions based on risk impact, their likelihood of occurrence.

1. Introduction ISO / IEC 27002 version 2005 is the component that deals with techniques of Information Security. It is a practice guideline for the management of Information Security. In addition to IS / IEC 27001 allows it to support the process of implementation of an ISMS. ISO / IEC 27002 provides management recommendations for [...]

Presentation of specific terminology with ISO / IEC 27001 AND 27002. System safety management of the Information Society (WSIS): Part of the overall management system, based on an approach to risk activity, to establish, implement, operate, monitor, review, maintain and improve the security of the information. Active [...]

This paper presents full details on all the measures to be implemented for any organization wishing to move towards ISO / IEC 27001.

A sheet of any synthetic for a successful implementation project and ISO / IEC 27001.

This article provides a overview of the various steps and pitfalls you may encounter in the conduct of a proposed deployment of a benchmark or standard.

In response to market increasingly competitive, customer requirements explicit and implicit security and integration of business intelligence processes in companies, the ISO 270001: 2005 directs any organization to the establishment of a system management information security.

Lighter version of ITIL, ISO / IEC 20000 covers a number of process its close cousin. However, ISO 20000 is a standard and certifies the company, or where ITIL focuses on certifying individual employees.