Abstract Preview

This document provides guidance on reviewing and assessing the implementation and operation of information security controls, including the technical assessment of information system controls, in compliance with an organization's established information security requirements including technical compliance against assessment criteria based on the information security requirements established by the organization.

This document offers guidance on how to review and assess information security controls being managed through an Information Security Management System specified by ISO/IEC 27001.

It is applicable to all types and sizes of organizations, including public and private companies, government entities, and not-for-profit organizations conducting information security reviews and technical compliance checks.


General information

  • Status :  Published
    Publication date : 2019-01
  • Edition : 1
    Number of pages : 91
  • :
    ISO/IEC JTC 1/SC 27
    Information security, cybersecurity and privacy protection
  • 35.030
    IT Security

Buy this standard

Format Language
PDF + ePub
Paper
  • CHF198

Got a question?

Check out our FAQs

Customer care
+41 22 749 08 88

Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)

Keep up to date with ISO

Sign up to our newsletter for the latest news, views and product information