What is ISO/IEC TS 27007:2019 ?

What is ISO/IEC TS 27007:2019 and ISO-IEC TS 27008:2017?

ISO/IEC TS 27007:2019 and ISO-IEC TS 27008:2017 are both international standards that provide guidelines for information security management systems auditing and control assessments, respectively.

ISO-IEC TS 27007:2019, also known as ISO 27007:2019, is an international standard that provides guidelines for conducting effective audits of an organization's information security management system (ISMS). It focuses on auditing the controls implemented in an organization's ISMS and helps organizations identify areas of improvement and enhance their overall information security posture.

ISO-IEC TS 27008:2017, also known as ISO 27008:2017, is an international standard that provides guidance on information security control assessments. It is designed to help organizations evaluate and improve the effectiveness of their information security controls and identify areas where improvements are needed.

In summary, ISO/IEC TS 27007:2019 is focused on auditing the controls implemented in an organization's ISMS, while ISO-IEC TS 27008:2017 is focused on evaluating and improving the effectiveness of information security controls. Both standards are part of the ISO/IEC 27000 series of standards and are widely recognized and implemented worldwide.