Sep 13, 2008

LinkedIn Q&A : What is the difference between the ISO/IEC 2700x series of standards with the ISO/IEC 13335 series of standards?

ISO 27001 is a high-level standard specifying that an organization should use a risk assessment and risk management methodology. No actual methodology is described, but either one of ISO 13335, NIST SP800-30 or CERT OCTAVE can be used.

No comments:

Post a Comment