You have been assigned the implementation of an ISMS, whose scope must cover both on premise and cloud infrastructure. Which of the following is your BEST option?
A. Implement ISO/IEC 27002 and complement it with additional controls from the CCM.
B. Implement ISO/IEC 27001 and complement it with additional controls from ISO/IEC 27017.
C. Implement ISO/IEC 27001 and complement it with additional controls from ISO/IEC 27002.
D. Implement ISO/IEC 27001 and complement it with additional controls from the NIST SP 800-145.
The ISO/IEC 27001 standard is broadly applicable to any organization, because it provides a specification for an Information Security Management System (ISMS). ISO/IEC 27002 describes controls that can be put in place to adhere to the ISO/IEC 27001 standard. Further building on these foundational pieces, ISO published ISO/IEC 27017, which provides guidance on the information security aspects of cloud computing, recommending and assisting with the implementation of cloud-specific information security controls supplementing the guidance in ISO/IEC 27002. CCAK P# 134
upvoted 2 times