ISO 27001: Security In Securing Business Information

Structure of ISO 27001

  • 14 Control Area
  • 34 Control Objective
  • 114 Control
  • ISO/IEC 27001:2013
  • Information Technology — Security Techniques — Information security management systems – Requirements. Known as ISO 27001
  • ISO/IEC 27002:2013
  • Information technology — Security techniques — Code of practice for information security management. Known as ISO 27002
  • ISO 27001:2022 has 4 themes and 93 controls to address the various security needs of the organization.
  • 4 Themes and 93 controls distribution is as follows:
    • Organization: 37 controls
    • People: 8 controls
    • Physical: 14 controls
    • Technological: 34 controls
Related Articles