|Points to remember:
- Though ISACA does not test on ISO numbers, it is good to know the ISO numbers and standards and their scope/description, to understand the subject better
- ISO 27001 (BS7799) – ISO for information security management system (ISMS) – (Requirements – 0 t 10; Controls – 114; Control objectives – 35; Domains -14)
- ISO 38500 – Information technology – Security techniques – Code of practice for information security controls.
- ISO 20000 – ISO for Information technology service management (ITSM) system. The standard was developed to mirror the best practices described – ITIL
- Relationship between COBIT and ITIL – COBIT defines IT goals, whereas ITIL provides the process-level steps on how to achieve them how to achieve them