This is the second part to the series about the differences between ISO 27001:2005 and ISO 27001:2013. This post talks about the information security ‘context’ and how to establish it for an organisation.
When the ISO 27001:2013 was released, I did a quick write up about it here. Now that I have had some time to spend with the standard (get to know it better!), I am writing a more detailed comparison. This comparison will follow the typical comparison that I did for the BS25999 vs. ISO 22301. […]