ISO 27000 standards provide a framework for assessing and certifying an organization’s information security management systems (ISMS).
An independent body evaluates the organization’s compliance with ISO standards, ensuring robust security controls.
Comparison of Options
A. Alignment with business goals: Not specific to security controls assessment.
C. PCI attestation of compliance: Focuses on payment card industry standards, not general vendor security posture.
D. Financial statements: Provide financial insights but not security assessments.
EC-Council References
Highlighted as a benchmark for third-party risk management in EC-Council CISO training.