ISO-IEC 27002
ISO/IEC 27002 lists information security safeguards.
- describes specific controls
- specific to information security
14 Sections
- Information security policy
- Information security organization
- Human resources security
- Asset management
- Asset control
- Cryptography
- Physical and environmental security
- Operations security
- Communications security
- Information system acquisition, development, and maintenance
- Supplier relationships
- Information security incident management
- Information security business continuity management
- Compliance