Chapter 2

ISO Security Management Categories

Chapter 2 reviews the 14 categories identified in the ISO 27000 series that fall under the umbrella of risk management.

Keywords

ISO 27000 series; Plan-Do-Check-Act

In 2013, the ISO/IEC 27000 series was updated to reflect a more refined control set. There are 14 categories identified in the standard, all of which fall under the umbrella of risk management.

• Policy Management

• Security Organization Management

• Human Resources Security Management

• Asset Management

• Access Management

• Cryptography

• Physical and Environmental Security Management

• Security Operations Management

• Communications ...

Get Infosec Management Fundamentals now with O’Reilly online learning.