Renjith P Sarada
Lead Auditor & Tutor- Digital Trust
Information security controls
Implementing IS controls based on best practice
Developing organizational ISMS guidelines
ISMS based on ISO/IEC 27001
Clause 5 - Organizational controls: 37 controls, 34 existing, 3 new
Clause 6 - People controls: 8 controls, all existing
latest best practices and removal of obsolete technologies
✓ Link between corresponding

15.1.1  5.19    11.1.1  7.01    09.4.4  8.18
15.1.2  5.20    11.1.3  7.03    13.1.1  8.20
15.1.3  5.21    11.1.4  7.05    13.1.2  8.21
16.1.1  5.24    11.1.5  7.06    13.1.3  8.22
16.1.4  5.25    11.2.9  7.07    14.2.1  8.25
16.1.5  5.26    11.2.1  7.08    14.2.5  8.27
16.1.6  5.27    11.2.6  7.09    14.2.7  8.30
Information security properties
#Confidentiality
#Integrity
#Availability
#Respond #Recover
Operational capabilities
#Asset_management
#Information_protection
#Human_resource_security
#Physical_security
#System_and_network_security
#Application_security
#Secure_configuration
#Identity_and_access_management
#Threat_and_vulnerability_management
#Continuity
#Supplier_relationships_security
#Legal_and_compliance
#Information_security_event_management
#Information_security_assurance
Security domains
#Governance_and_Ecosystem
#Protection
#Defence
#Resilience
What next?
Amendment to ISO/IEC 27001:2013 expected later this year to reflect ISO/IEC 27002:2022 revision
Visit Webpage: Scan the QR code and read more about the changes in Information Security Standards
Download the ISO 27001 Self Assessment Checklist
Read our Executive Briefing: helps senior management understand the overarching business benefits of adopting ISO/IEC 27001.
Download the ISO 27001:2022 Transition Journey Guide
On-Demand Webinar: Secure your information in the new digital age with ISO/IEC 27001:2022
Date: Thursday, 4th October 2022
Time: 2:30 PM to 3:30 PM (IST)
Scan QR code to watch replay webinar
ISO/IEC 27001 Case Study - CogentHub
CogentHub is a global provider focused on the delivery of business solutions integrated with the latest technologies.
Scan QR code to download case study
ISO/IEC 27701 Case Study - Befree
Befree is among the leading organizations to achieve ISO certification in ISO/IEC 27701:2019 for Data protection and standardization to secure data assets.
Scan QR code to download case study
BSI provides a range of solutions on information and communication technologies. You need to ensure
that you manage your digital infrastructure, systems and processes in the most effective way.
Our ICT newsletters, blogs, case studies and replay webinars will keep you up to date with what our ICT
community experts have to say on the hot topics in the ICT industry.