1、 INTERNATIONAL STANDARD ISO/IEC 27001:2013 TECHNICAL CORRIGENDUM 2 Published 2015-12-01 INTERNATIONAL ORGANIZATION FOR STANDARDIZATION ORGANISATION INTERNATIONALE DE NORMALISATION INTERNATIONAL ELECTROTECHNICAL COMMISSION COMMISSION LECTROTECHNIQUE INTERNATIONALEInformation technology Security techn
2、iques Information security management systems Requirements TECHNICAL CORRIGENDUM 2 Technologies de linformation Techniques de scurit Systmes de management de la scurit de linformation Exigences RECTIFICATIF TECHNIQUE 2 Technical Corrigendum 1 to ISO/IEC 27001:2013 was prepared by Joint Technical Com
3、mittee ISO/IEC JTC 1, Information technology, Subcommittee SC 27, IT Security techniques ICS 35.040 Ref. No. ISO/IEC 27001:2013/Cor.2:2015(E) ISO/IEC 2015 All rights reserved Published in Switzerland ISO/IEC 27001:2013/Cor.2:2015(E) 2 ISO/IEC 2015 All rights reservedPage 4, Subclause 6.1.3 Replace C
4、ontrol d) produce a Statement of Applicability that contains the necessary controls (see 6.1.3 b) and c) and justification for inclusions, whether they are implemented or not, and the justification for exclusions of controls from Annex A; with Control d) produce a Statement of Applicability that contains: the necessary controls (see 6.1.3 b) and c); justification for their inclusion; whether the necessary controls are implemented or not; and the justification for excluding any of the Annex A controls.
