THE ISO/IEC 27002:2013 CHALLENGE
ISO/IEC 27002:2013 Information technology -- Security techniques -- Code of practice for information security controls
You might think that implementing an ISO 27002 ISMS program is fairly straight forward, and even an easy sell to the business and supporting enterprise. After all, Information Security is defined by the the C-I-A triad, the most well-known model for security policy development. Who can resist a tried and true C-I-A triad?