ISM3 is a specification for creating ISM systems, so ISM3 itself doesn't need to be ISO27001 compliant. Certification is performed on specific ISM systems, so ISM3 can be used to create ISO27001 compliant ISM systems, that will have to use risk analysis/assessment and implement all applicable ISO27001 controls.
ISM3
www.ism3.com
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment