6.12 ISO 27001 and 27002


12 hours 48 minutes
Video Transcription
All right, let's look at ISO 27001 and 27002. I believe that we've mentioned these, you know, a couple of times throughout. But if not, the International Organization of Standards, ISO, obviously an international body that's geared towards standardization of products and frameworks to, you know, further the consistency and the interoperability, and to give us sort of a standards-based approach to creating what we refer to as an ISMS, an information security management system.

So this idea that it's based on the PDCA model, plan, do, check, and you notice that the arrows just continue. It's iterative in nature. You're never done with securing your infrastructure, securing your information, protecting your environment. You're never done with managing risks, right? So it's ongoing. So ultimately, when we're looking at configuring, working with, designing, implementing, improving an ISMS, ISO 27001 is the framework that we would adhere to. So ultimately, this is all about helping us figure out an overarching management process to make sure our security controls are meeting their goals and that we're managing risks effectively. So this is essentially what we want to do.

Okay, there is a framework of 27001 to which we would be certified. So ultimately that we meet these goals associated with ISO 27001. Okay, top-down structure, meaning management leads the structure. We have established principles in place. We have effective governance through policies and procedures and so on, in that ultimately, again, we're providing the protection we need.

Now when it comes to the how, we have ISO 27002. So how we accomplish 27001 could be with ISO 27002. There are other ways we can accomplish and get certified in ISO 27001, but ISO 27002 provides us a way. So, ultimately, 14 domains that said, look, you need security policies in place. You need asset management, information security reviews, supplier relationships, organization of information security, cryptography, all these things. So you're not going to have to recite the 14 domains, but understanding that ISO 27001 is the framework, ISO 27002 are really the principles of practice, or the codes of practice. So the two of those frequently go hand in hand, but they don't have to. ISO 27001 would be a certification to attain, adhering to that framework, following the steps in the practices. And ISO 27002 would help me to get there. Hope that makes sense.