Checklist for Standard ISO/IEC 27002:2013 - Information Security Code of Practice

ISO/IEC 27002:2013 gives guidelines for organizational information security standards and information security management practices including the selection, implementation and management of controls taking into consideration the organization's information security risk environment(s).

It is designed to be used by organizations that intend to:

• select controls within the process of implementing an Information Security Management System based on ISO/IEC 27001;

implement commonly accepted information security controls;

• develop their own information security management practices

The updates included in the ISO/IEC 27002:2013 guidelines standard are listed at a high level in an Annexed reference in ISO 27001:2013 as appropriate guidance to demonstrate conformance to ISO/IEC 27001:2013. If an Organization is interested in testing their conformance to ISO/IEC 27001:2013 this checklist will provide an analysis of the detail in the ISO/IEC 27002 guidelines that forms a part of ISO/IEC 27001:2013. However, the organization is only interested in the guidance in ISO/IEC 27002:2013 this checklist provides a list of all items suggested in those guidelines.

Customers of this product:

• ASTRONAUTICS CORPORATION OF AM
• BRIS, China
• DAIMLER AG
• Edpaudit, Nigeria
• HARGROVE ENGINEERS
• MED Institute, Inc.
• SIA, UK
• TPI, Aba Dubai
• UNICONNECT LC

Note: “International Standards (ISO) define the best of practices for Medical Device and Software firms in producing a quality product. This checklist that SEPT produces will ensure that all of the best of practices are adhered to.”