Good network security enables the right information to flow easily while stopping information flows that could degrade your business. BS ISO/IEC 27033-2:2012 provides the crucial guidelines needed for organizations to plan, design, implement and document network security in order to achieve this.
Determine key security risks
BS ISO/IEC 27033-2:2012 helps you to address the issues associated with implementing and operating network security controls, as well as monitoring and reviewing your implementation.
Discover best practise by analysing typical network scenarios and network “technology” areas (which are dealt with in detail in subsequent parts of ISO/IEC 27033). The standard explores key topics such as possible control areas, technical design and implementation.
Get an overview of the controls that support network technical security architectures and related technical and non-technical controls. The guidance supports the identification of important factors that should be taken into account when establishing network security requirements.
BS ISO/IEC 27033-2:2012 allows you to:
- Review existing designs and implementations
- Outline criteria for network component selection
- Achieve quality network security architectures
- Define network security requirements based on analysis
- Evaluate technical options and constraints.
This standard is relevant to anyone involved in owning, operating or using a network. This includes those who have specific responsibilities for information/network security or who are accountable for an organization's overall security program and policy development.
2 Normative references
3 Terms and definitions
5 Document structure
6 Preparing for design of network security
Annex A (informative) Cross-references between ISO/IEC 27001:2005/ISO/IEC 27002:2005 network
security related controls and ISO/IEC 27033-2:2012 clauses
Annex B (informative) Example documentation templates
Annex C (informative) ITU-T X.805 framework and ISO/IEC 27001:2005 control mapping