ISO/IEC TS 27008:2019 Information technology — Security techniques — Guidelines for the assessment of information security controls (Tracked Change Edition)

November 1, 2020
ISO/IEC TS 27008:2019 Information technology — Security techniques — Guidelines for the assessment of information security controls (Tracked Change Edition)

Filenote |Retail PDF. Security and Watermark removedEdition note | Tracked Change edition, showing latest changesThis document provides guidance on reviewing and assessing theimplementation and operation of information security controls,including the technical assessment of information system controls,in compliance with an organization's established informationsecurity requirements including technical compliance againstassessment criteria based on the information security requirementsestablished by the organization.This document offers guidance on how to review and assessinformation security controls being managed through an InformationSecurity Management System specified by ISO/IEC 27001.It is applicable to all types and sizes of organizations,including public and private companies, government entities, andnot-for-profit organizations conducting information securityreviews and technical compliance checks.