The ISO 27002 Code of Practice for Information Security Management
The full title of this standard is: Information Technology - Security Techniques - Code of Practice for Information Security Management. If this sounds familiar, it is perhaps because this standard is simply a rename ISO 17799.
The actual renaming of the long established 17799 standard was finally ratified by the appropriate ISO committee (JTC 1/SC27) in paper N5930 in April 2007.
The standard itself is intended to be used in conjunction with ISO 27001. This is a specification for a management system: part of which is the selection of controls as appropriate. Those controls are broadly described by ISO 27002.
Its relationship with other ISO 27000 standards is currently less clear. However, on certain development is the creation of a series of industry specific variants of ISO 27002. The first of these is ISO 27799, which is specific to the health industry, but others will follow.
At time of writing, the online internet stores are still selling only ISO 17799. Given that this is the same standard as 27002, this isn't a particular issue.
A number of established sources for the ISO27002 standard are documented by the Standards.Bz business standards portal.