Information technology - Security techniques - Code of practice for information security controls (ISO/IEC 27002:2013 including Cor 1:2014 and Cor 2:2015)

The standard provides guidelines for the security standards of organizational information and information security management practices, including the selection, implementation and management of controls, taking into account the risk environment for the security of the organisation information.