DIN ISO/IEC 27002:2008 Information technology - Security techniques - Code of practice for information security management (ISO/IEC 27002:2005); English version of DIN ISO 27002:2008-09
This International Standard establishes guidelines and general principles for initiating, implementing,
maintaining, and improving information security management in an organization. The objectives
outlined in this International Standard provide general guidance on the commonly accepted goals of
information security management.
The control objectives and controls of this International Standard are intended to be implemented to
meet the requirements identified by a risk assessment. This International Standard may serve as a
practical guideline for developing organizational security standards and effective security management
practices and to help build confidence in inter-organizational activities.
DIN ISO/IEC 27002:2008 history
2017DIN EN ISO/IEC 27002:2017 Information technology - Security techniques - Code of practice for information security controls (ISO/IEC 27002:2013 including Cor 1:2014 and Cor 2:2015); German version EN ISO/IEC 27002:2017
2016DIN ISO/IEC 27002:2016 Information technology - Security techniques - Code of practice for information security controls (ISO/IEC 27002:2013 + Cor. 1:2014 + Cor. 2:2015)
2008DIN ISO/IEC 27002:2008 Information technology - Security techniques - Code of practice for information security management (ISO/IEC 27002:2005); English version of DIN ISO 27002:2008-09