MS ISO/IEC 27002:2007
INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY MANAGEMENT

MS ISO/IEC 27001 is one of the standards from ISMS Family of Standards which specify on establishing guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization.

Designed to fit the interest of the whole Malaysian communities who deal with ICT technologies as this standard provides the main elements of Information Security Management Systems (ISMS), this Malaysian Standard contains best practices of control objectives and controls (with some implementation guidelines) in many areas of information security management.

This Malaysian Standard is intended to be implemented to meet the requirements identified by a risk assessment and the objectives outlined as a common basis and practical guideline for developing organizational security standards and effective security management practices, and to help build confidence in inter-organizational activities.