Free PDF download: Penetration Testing and ISO 27001 

Information Security & ISO 27001: An Introduction

Penetration testing establishes whether or not the security in place to protect a network or application against external threats is adequate and functioning correctly.

The threats and vulnerabilities identified by penetration testing will form a key input to your risk assessment, while the identified remedial action will inform your selection of controls.

This free green paper describes how penetration testing fits into an ISO 27001 ISMS project.


  • The three specific points at which penetration testing should be undertaken
  • The importance of penetration testing to ISO 27001 risk assessments
  • How penetration testing can demonstrate compliance with half the controls in Annex A
  • Penetration testing’s use in the continual improvement of your ISMS

