ISO 27002 and the stage 2 audit Course
1 hour, 33 minutes
Course description
A discussion of the ISO 27002 standard utilized during a stage 2 assessment. We break down each component so that the auditor knows what evidence to look for.Syllabus
Business continuity
Video - 00:05:00
Review of controls within section 17 of the standard: Business continuity.
Compliance
Video - 00:08:00
Review of controls within section 18 of the standard: Compliance.
Information security incident management
Video - 00:05:00
Review of controls within section 16 of the standard: Security incident management.
Supplier relationship
Video - 00:05:00
Review of controls within section 15 of the standard: Supplier relationships.
Systems acquisition, development and maintenance
Video - 00:09:00
Review of controls within section 14 of the standard: Systems acquisition, development and maintenance.
Communications and networks
Video - 00:05:00
Review of controls within section 13 of the standard: Communications and networks.
IT operations
Video - 00:09:00
Review of controls within section 12 of the standard: IT operations.
Physical and environmental
Video - 00:10:00
Review of controls within section 11 of the standard: Physical and environmental.
Cryptography
Video - 00:02:00
Review of controls within section 10 of the standard: Cryptography.
Access control
Video - 00:10:00
Review of controls within section 9 of the standard: Access control.
Asset management
Video - 00:06:00
Review of controls within section 8 of the standard: Asset management.
HR security
Video - 00:05:00
Review of controls within section 7 of the standard: HR security.
Organization
Video - 00:04:00
Review of controls within section 6 of the standard: Organization of security.
Management direction
Video - 00:02:00
Review of controls within section 5 of the standard: Management direction.
ISO 27002 structure and content and other control sets
Video - 00:10:00
An overview of ISO 27002 structure, controls and content.
Unlock 7 days of free training
- 1,400+ hands-on courses and labs
- Certification practice exams
- Skill assessments
Associated NICE Work Roles
All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.
- All-Source Analyst
- Mission Assessment Specialist
- Exploitation Analyst
Plans & pricing
Infosec Skills Personal
$299 / year
- 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Custom certification practice exams (e.g., CISSP, Security+)
- Skill assessments
- Infosec peer community support
Infosec Skills Teams
$799 per license / year
- Team administration and reporting
- Dedicated client success manager
-
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
-
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps