Audit. Compliance. Assurance.


ISO 27001 / 27002 Readiness & Remediation

The ISO 27002 standard (formerly known as ISO 17799) is a globally accepted standard and benchmark for information security. It outlines over 200 potential control activities relevant for an ISO 27001 certification audit. ISO 27002 has established guidelines and principles for initiating, implementing, maintaining and improving an organization's ISMS (Information Security Management System).

The twelve sections for ISO 27002 are:

  • Risk Assessment
  • Security Policy
  • Organization of Information Security
  • Asset Management
  • Human Resources Security
  • Physical Security
  • Communications and Operations Management
  • Access Control
  • Information Systems Acquisition, Development, Maintenance
  • Information Security Incident Management
  • Business Continuity
  • Compliance

Within each section, there are control objectives and control activities that are recommended for implementation. Certain control objectives and activities may not be applicable to your organization; these should be documented in the formal risk assessment when undergoing ISO 27002 readiness.

TurnKey IT Solutions can help your organization prepare for an ISO 27001 audit by conducting a formal risk assessment of your current IT environment, designing and implementing ISO 27002 controls for your ISMS, performing a gap analysis, and performing internal remediation prior to or after ISO 27001 certification has been completed by an accredited registrar.

For additional information or questions, please contact us by filling out the form to the right or email us at
