ISO/IEC 27002
E105130
ISO/IEC 27002 is an international standard that provides best-practice guidelines and controls for information security management.
All labels observed (5)
| Label | Occurrences |
|---|---|
| ISO/IEC 27002 canonical | 9 |
| BS 7799-1 | 1 |
| ISO/IEC 17799 | 1 |
| ISO/IEC 27002:2013 | 1 |
| ISO/IEC 27002:2022 Information security, cybersecurity and privacy protection — Information security controls | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T868194 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
NED1
Entity disambiguation (via context triple)
gpt-5-mini-2025-08-07
Target entity: ISO/IEC 27002 Context triple: [ISO 27001, AnnexABasedOn, ISO/IEC 27002]
-
A.
ISO/IEC 27000 family
The ISO/IEC 27000 family is an international set of standards that provides best-practice frameworks and requirements for establishing, implementing, maintaining, and continually improving information security management systems.
-
B.
ISO 27001
ISO 27001 is an internationally recognized standard that specifies requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS).
-
C.
ISO/IEC 27018
ISO/IEC 27018 is an international standard that provides guidelines and controls for protecting personally identifiable information (PII) in public cloud computing environments.
-
D.
ISO 26324
ISO 26324 is the international standard that defines the structure, syntax, and functional framework of the Digital Object Identifier (DOI) system for uniquely identifying digital content.
-
E.
ISO 31000
ISO 31000 is an international standard that provides principles and guidelines for effective risk management applicable to organizations of all types and sizes.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
NED2
Entity disambiguation (via description)
gpt-5-mini-2025-08-07
Target entity: ISO/IEC 27002 Target entity description: ISO/IEC 27002 is an international standard that provides best-practice guidelines and controls for information security management.
-
A.
ISO/IEC 27000 family
The ISO/IEC 27000 family is an international set of standards that provides best-practice frameworks and requirements for establishing, implementing, maintaining, and continually improving information security management systems.
-
B.
ISO 27001
ISO 27001 is an internationally recognized standard that specifies requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS).
-
C.
ISO/IEC 27018
ISO/IEC 27018 is an international standard that provides guidelines and controls for protecting personally identifiable information (PII) in public cloud computing environments.
-
D.
ISO 26324
ISO 26324 is the international standard that defines the structure, syntax, and functional framework of the Digital Object Identifier (DOI) system for uniquely identifying digital content.
-
E.
ISO 31000
ISO 31000 is an international standard that provides principles and guidelines for effective risk management applicable to organizations of all types and sizes.
- F. None of above. chosen
Statements (49)
| Predicate | Object |
|---|---|
| instanceOf |
IEC standard
ⓘ
ISO standard ⓘ information security standard ⓘ international standard ⓘ |
| aimsTo |
protect availability of information
ⓘ
protect confidentiality of information ⓘ protect integrity of information ⓘ |
| appliesTo |
non-profit organizations
ⓘ
private sector organizations ⓘ public sector organizations ⓘ |
| countryOfOrganization | Switzerland ⓘ |
| describes | information security controls referenced in ISO/IEC 27001 ⓘ |
| field |
cybersecurity
ⓘ
information security management ⓘ privacy protection ⓘ |
| focusesOn |
organizational controls
ⓘ
people controls ⓘ physical controls ⓘ technological controls ⓘ |
| fullName |
ISO/IEC 27002
self-linksurface differs
ⓘ
surface form:
ISO/IEC 27002:2022 Information security, cybersecurity and privacy protection — Information security controls
|
| hasTranslation | multiple languages ⓘ |
| includes | attributes for information security controls ⓘ |
| intendedAudience | organizations of all types and sizes ⓘ |
| language | English ⓘ |
| latestEditionYear | 2022 ⓘ |
| originatedAs |
ISO/IEC 27002
self-linksurface differs
ⓘ
surface form:
BS 7799-1
|
| partOfSeries | ISO/IEC 27000 family ⓘ |
| previousTitle | Information technology — Security techniques — Code of practice for information security controls ⓘ |
| provides |
best-practice recommendations for information security management
ⓘ
guidelines for organizational information security standards ⓘ information security controls ⓘ |
| publishedBy |
International Electrotechnical Commission
ⓘ
International Organization for Standardization ⓘ |
| relatedTo |
ISO 27001
ⓘ
surface form:
ISO/IEC 27001
|
| revisedFrom |
ISO/IEC 27002
self-linksurface differs
ⓘ
surface form:
ISO/IEC 17799
ISO/IEC 27002 self-linksurface differs ⓘ
surface form:
ISO/IEC 27002:2013
|
| status | active ⓘ |
| structureIncludes |
information security controls
ⓘ
introduction ⓘ normative references ⓘ scope ⓘ terms and definitions ⓘ |
| supports | implementation of an information security management system ⓘ |
| supportsStandard |
ISO 27001
ⓘ
surface form:
ISO/IEC 27001
|
| topic | risk-based selection of security controls ⓘ |
| useCase |
implementation of information security controls
ⓘ
improvement of information security controls ⓘ management of information security controls ⓘ selection of information security controls ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
Instruction
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Input
Subject: ISO/IEC 27002 Description of subject: ISO/IEC 27002 is an international standard that provides best-practice guidelines and controls for information security management.
Referenced by (13)
Full triples — surface form annotated when it differs from this entity's canonical label.
subject surface form:
ISO/IEC
this entity surface form:
ISO/IEC 27002:2022 Information security, cybersecurity and privacy protection — Information security controls
this entity surface form:
ISO/IEC 27002:2013
this entity surface form:
ISO/IEC 17799
this entity surface form:
BS 7799-1