# ISO/IEC 27002:2013*

Information technology - Security techniques - Code of practice for information security controls

# Acronyms, Abbreviations, and Initialisms

Short Form Full Form
IEC International Electrotechnical Commission
ISO International Organization for Standardization

# Overview

ISO/IEC 27002 provides guidelines for organizational information security standards including the selection, implementation, and management of controls taking into consideration the organization's information security risk environments.

It is designed to be used by organizations that intend to select controls within the process of implementing an ISMS based on ISO/IEC 27001.