5.10 | ISO 27001 5.10: Acceptable Use Policy for Information Assets |
5.11 | ISO 27001 5.11: Asset Return Policy & Compliance |
5.12 | ISO 27001 5.12: Information Classification Control |
5.13 | ISO 27001 5.13: Information Labelling Procedures |
5.14 | ISO 27001 5.14: Information Transfer Controls |
5.15 | ISO 27001 5.15: Access Control Implementation |
5.16 | ISO 27001 5.16 Identity Management Control |
5.17 | ISO 27001 5.17: Authentication Information Management |
5.18 | ISO 27001 5.18 Access Rights | GRCWatch |
5.19 | ISO 27001 5.19: Supplier Information Security Risk Management |
5.20 | ISO 27001 5.20: Supplier Information Security Agreements |
5.21 | ISO 27001 5.21: ICT Supply Chain Security Management |
5.22 | ISO 27001 5.22: Supplier Service Monitoring & Change Management |
5.23 | ISO 27001 5.23: Cloud Services Information Security |
5.24 | ISO 27001 5.24: Information Security Incident Management Planning |
5.25 | ISO 27001 5.25: Security Event Assessment & Decision |
5.26 | ISO 27001 5.26: Information Security Incident Response |
5.27 | ISO 27001 5.27: Learning from Security Incidents |
5.28 | ISO 27001 5.28: Evidence Collection & Preservation |
5.29 | ISO 27001 5.29: Information Security During Disruption |
5.30 | ISO 27001 5.30: ICT Readiness for Business Continuity |
5.31 | ISO 27001 5.31: Legal & Regulatory Requirements Control |
5.32 | ISO 27001 5.32: Intellectual Property Rights Protection |
5.33 | ISO 27001 5.33: Protection of Records | GRCWatch |
5.34 | ISO 27001 5.34: Privacy & PII Protection Control |
5.35 | ISO 27001 5.35: Independent Security Review | GRCWatch |
5.36 | ISO 27001 5.36: Information Security Policy Compliance |
5.37 | ISO 27001 5.37: Documented Operating Procedures |
5.7 | ISO 27001 5.7: Threat Intelligence Collection & Analysis |
5.8 | ISO 27001 5.8: Security in Project Management |
5.9 | ISO 27001 5.9: Information Asset Inventory & Management |
7.10 | ISO 27001 7.10: Storage Media Management |
7.11 | ISO 27001 7.11: Supporting Utilities Protection |
7.12 | ISO 27001 7.12: Cabling Security Controls |
7.13 | ISO 27001 7.13: Equipment Maintenance Control |
7.14 | ISO 27001 7.14: Secure Equipment Disposal & Data Wiping |
7.8 | ISO 27001 7.8: Equipment Siting & Protection |
7.9 | ISO 27001 7.9: Off-Premises Asset Security |
8.13 | ISO 27001 8.13: Information Backup Control |
8.14 | ISO 27001 8.14: Redundancy of Information Processing Facilities |
8.15 | ISO 27001 8.15 Logging Control | Compliance Guide |
8.16 | ISO 27001 8.16: Network Monitoring & Incident Detection |
8.17 | ISO 27001 8.17: Clock Synchronization Compliance |
8.18 | ISO 27001 8.18: Control Privileged Utility Programs |
8.19 | ISO 27001 8.19: Secure Software Installation Control |
8.20 | ISO 27001 8.20: Network Security Controls |
8.21 | ISO 27001 8.21: Network Services Security Control |
8.22 | ISO 27001 8.22: Network Segregation Control |
8.23 | ISO 27001 Control 8.23: Web Filtering & Access Management |
8.24 | ISO 27001 8.24: Cryptography & Key Management |
8.25 | ISO 27001 8.25: Secure Development Life Cycle |
8.26 | ISO 27001 8.26: Application Security Requirements |
8.27 | ISO 27001 8.27: Secure System Architecture & Engineering |
8.28 | ISO 27001 8.28: Secure Coding Principles & Implementation |
8.29 | ISO 27001 8.29: Security Testing in Development |
8.30 | ISO 27001 8.30: Outsourced Development Security |
8.31 | ISO 27001 8.31: Separate Dev, Test & Production |
8.32 | ISO 27001 8.32: Change Management Control |
8.33 | ISO 27001 8.33: Test Information Protection |
8.34 | ISO 27001 8.34: Protect Systems During Audit Testing |