Status : Withdrawn
This standard has been revised by ISO/IEC 27002:2022

Abstract

ISO/IEC 27002:2013 gives guidelines for organizational information security standards and information security management practices including the selection, implementation and management of controls taking into consideration the organization's information security risk environment(s).

It is designed to be used by organizations that intend to:

  1. select controls within the process of implementing an Information Security Management System based on ISO/IEC 27001;
  2. implement commonly accepted information security controls;
  3. develop their own information security management guidelines.

People also bought

  • ISO/IEC 27000:2018
    Information technology
    Security techniques
    Information security management systems
    Overview and vocabulary
  • ISO/IEC 27001:2013 [Withdrawn]
    Information technology
    Security techniques
    Information security management systems
    Requirements
  • ISO/IEC 27005:2018 [Withdrawn]
    Information technology
    Security techniques
    Information security risk management

General information

  • Status
     : Withdrawn
    Publication date
     : 2013-10
    Stage
    : Withdrawal of International Standard [95.99]
  • Edition
     : 2
    Number of pages
     : 80
  • Technical Committee :
    ISO/IEC JTC 1/SC 27
    ICS :
    35.030 
  • RSS updates

Life cycle

Got a question?

Check out our FAQs

Customer care
+41 22 749 08 88

Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)

  2. Store
  3. Standards catalogue
  4. ICS
  5. 35
  6. 35.030
  7. ISO/IEC 27002:2013