In its nature, ISO 27002 represents a code of practice with regard to information security. This standard mandates specific information security controls.
The ISO 27002 standard provides a detailed description of information security objectives and contains a comprehensive list of generally accepted good practice covering security controls in 12 basic areas such as, for instance, risk assessment, security policy, access control, physical and environmental security, etc.
Every organization applies these security controls to the extent and consideration of its individual risks.
The Infopulse SCM provides the following features with regard to ISO 27002:
- Asset Management: easy import and creation of assets structure and related data
- Transparent and flexible asset structure representation
- Automatic compliance status assessment
- Corrective and preventive actions planning
- Post-compliance task management
Effective and easy-to-use IT security management system based on the latest standards and regulations — from planning and establishing the security concept to certification.