What type of compliancy standard, regulation or legislation provides a code of practice for information security?
A. ISO/IEC 27002
B. Personal data protection act
C. Computer criminality act
D. IT Service Management

Answer: A

Explanation:

ISO/IEC 27002:2022 is an international standard that provides a code of practice for information security controls. A code of practice is a set of guidelines and recommendations for implementing, maintaining, and improving information security in an organization. ISO/IEC 27002:2022 covers various aspects of information security, such as organizational, human, technical, physical, and environmental controls. It is designed to be used as a reference for selecting, implementing, and managing controls within the process of establishing an ISMS based on ISO/IEC 27001:2022.

Reference: ISO/IEC 27002:2022, Foreword and Introduction; ISO/IEC 27000:2022, clause 3.10.
