• Iso 27001 Checklist

Does anyone out there know of a document mapping the control requirements in ISO27002 to the controls in COBIT or COSO? I basically am trying to begin a mapping of the various regulatory/industry control requirements (e.g. PCI, SOX) along with standards (e.g. ISO), with the goal of creating a single document that shows the relationships between certain standards/regulatory requirements/etc and mapping it to our products/services. After that I will perform a gap analysis as to see what regulatory requirements/industry standards our products/services are not providing (e.g. Our product cannot create a security policy as defined in 5.1.1, but our services can.

Sarbanes-Oxley Act Forum: Forums. This is precisely what ISO 27001. There is a good guidance document in ISACA for it which gives the control mapping but.

Iso 27001 Checklist

Our product addresses 5.1.2/5.1.3/etc). Sincerely, T Satish Kumar Dwibhashi 29.12.09 8:59.