ISO27008 (ISO/IEC 27008) Guidelines for Auditors on Information Security Controls

SKU: 3644
Publishers: ISO/IEC
Format: Hardcopy
Pages: 36
Published: 06 Oct 2011
Availability: In Stock

ISO/IEC 27008:2011 - Information Technology - Security Techniques - Guidelines for auditors on information security controls Standard.

The international Standard that provides guidelines for auditors on information security controls.

ISO/IEC TR 27008:2011 provides guidance on reviewing the implementation and operation of information security controls within an organisation. It supports the risk management process in ISO/IEC 27001 and the information security controls in ISO/IEC 27002.


Options:
Price: 240,00 €

Description

The ISO/IEC 27008 Standard

This Standard is of particular use where information system controls are being checked for technical compliance with an organisation's established information security standards.

ISO/IEC TR 27008:2011 is applicable to any type of organisation, including public and private companies, government entities and not-for-profit organisations undertaking information security reviews and technical compliance checks.


Why buy this Standard?

Information security control reviews and technical compliance testing should be integral parts of any enterprise-wide information security programme. They will help an organisation to:

  • Identify and understand the extent of potential problems or shortfalls in the organisation's implementation and operation of information security controls, information security standards and, consequently, technical information security controls.
  • Identify and understand the potential organisational impacts of inadequately mitigated information security threats and vulnerabilities.
  • Prioritise information security risk mitigation activities.
  • Confirm that previously identified or emergent information security weaknesses or deficiencies have been adequately addressed.
  • Support budgetary decisions within the investment process and other management decisions relating to improvement of the organisation's information security management.

Please note:

We supply, interchangeably, the British and other national or international adoptions of ISO/IEC 27008, which all contain exactly the same content.

Purchase and use of the PDF version of this product is subject to this EULA.
