CHAPTER 5: THE ISMS AND ISO27001

Definition of information security

ISO27001 defines information security (in its definitions section) as the ‘preservation of confidentiality, integrity and availability of information; in addition, other properties, such as authenticity, accountability, non-repudiation and reliability, can also be involved’.

Information risks can affect one or more of the three fundamental attributes of an information asset – its

• availability

• confidentiality

• integrity.

These three attributes are defined in ISO27001 as follows:

• Availability: ‘the property of being accessible and usable upon demand by an authorised entity’, which allows for the possibility that information has to be accessed by software programs as well ...
