COMPLIANCE SOLUTIONS

ISO 27002

Meet ISO 27002 requirements with privileged access management and vulnerability management solutions from BeyondTrust.

Simplifying IS0-27002 Compliance

The International Organization for Standardization (ISO) has established guidelines and general principles for initiating, implementing, maintaining and improving information security management in an organization. The objectives outlined in ISO 27002 provide general guidance on the commonly accepted goals of information security management.

The control objectives and controls in ISO 27002 are intended to be implemented to meet the requirements identified by a risk assessment. ISO 27002 can serve as a practical guideline for developing organizational security standards and effective security management practices and to help build confidence in inter-organizational activities.

For organizations that have adopted ISO 27002, it is important that all existing and new security solutions map into this framework. This standard contains 11 security control clauses containing a total of 39 main security categories and one introductory clause introducing risk assessment and treatment. Whether an organization’s objective is to achieve legislative compliance or to adopt security best practices, these controls apply to most organizations and in most environments.

Address ISO 27002 Requirements with BeyondTrust Cybersecurity Solutions

BeyondTrust solutions address parts of eight (8) security control clauses, 24 security control categories, and 52 security controls in the standard.

6. Organizing Information Security

6. Organizing Information Security

Identify asset vulnerabilities, configuration weaknesses, web application exposures, and other risks related to external parties with Retina enterprise vulnerability management solutions.

GET THE GUIDE

7. Asset Management

7. Asset Management

Easily discover, inventory, profile and classify assets in your environment with the BeyondTrust platform. Several BeyondTrust solutions also allow you to implement and enforce policies for acceptable use of assets.

GET THE GUIDE

10. Communications and Operations Management

10. Communications and Operations Management

BeyondTrust offers broad coverage, addressing controls for operational procedures, protection against malware, network security management, information exchange, electronic commerce, and monitoring.

GET THE GUIDE

11. Access Control

11. Access Control

Address several controls under this clause, include those regarding access control policy, user access management, and user responsibilities – as well as network, operating system and application access controls.

GET THE GUIDE

12. Information Systems Acquisition, Development and Maintenance

12. Information Systems Acquisition, Development and Maintenance

Address requirements regarding cryptographic controls, security of system files, security in development and support processes, and technical vulnerability management.

GET THE GUIDE

13. Information Security Incident Management

13. Information Security Incident Management

Gain unmatched visibility with expansive information security event reporting, as well as evidence collection and data sharing with SIEM, GRC and other third-party solutions.

GET THE GUIDE

14. Business Continuity Management

14. Business Continuity Management

BeyondTrust equips you with an integrated suite of privileged access management and vulnerability management solutions that embed information security in your business continuity process.

GET THE GUIDE

15. Compliance

15. Compliance

Adhere to and prove compliance with legislation regarding protection of organizational records, data protection and privacy of personal information, and protection of information system audit tools and data.

GET THE GUIDE

Related Resources