ISO 27002 is a series of standards developed by the International Standards Organization (ISO) related to Information Security and Information Security Systems Management. While conducting normal business operations, your organization may process, store, or transmit sensitive information. The ISO 27002 framework outlines specific controls to help you safeguard this information and mitigate the associated risk.
Compass IT Compliance is well versed in the requirements set forth in the ISO 27002 IT Security Framework. Our assessment methodology takes into account the 14 clauses outlined in the ISO 27002 framework as well as the security categories that are contained within each. The fourteen clauses in scope for an ISO 27002 assessment include:
Are you being asked by a client to provide verification of your information security program through an ISO 27002 Risk Assessment? Or are you considering having an ISO 27002 Risk Assessment completed to demonstrate your commitment to securing your sensitive information? Either way, Compass IT Compliance will assist your organization by conducting the assessment and documenting the controls you have in place compared to the controls outlined in the ISO 27002 standard, and will provide you a clear remediation path to mitigate your overall risk. Contact us today to discuss your specific situation and for more detailed information.