|
|
|
|
|
|
by bennyelv
1000 days ago
|
|
|
Agreed - but 27001 doesn't have an opinion on that. It only requires that top management have set the context that the rest of the information security management system hangs off of. It doesn't specify what that context should be for your company. It's completely unlike SOC in that regard. |
|
|