Which of the following standards describes how well a system

Which of the following standards describes how well a system or process is documented?

A. ISO 27001

B. ISO 9001

C. ISO 27002

D. ISO 17799

Solution

B. ISO 9001 describes how production processes are to be managed and reviewed. It is not a standard of quality, it is about how well a system or process is documented. Answers A, C, and D are incorrect as ISO 27001 describes requirements on how to establish, implement, operate, monitor, review, and maintain an information security management system. ISO 27002 is considered a code of practice that describes ways to develop a security program within the organization ISO 17799 provides the best practice guidance on information security management