Annex A.5 - Organisational Controls
Annex A 5.1 - Policies for Information SecurityAnnex A 5.2 - Information Security Roles and ResponsibilitiesAnnex A 5.3 - Segregation of DutiesAnnex A 5.4 - Management ResponsibilitiesAnnex A 5.5 - Contact With AuthoritiesAnnex A 5.6 - Contact With Special Interest GroupsAnnex A 5.7 - Threat IntelligenceAnnex A 5.8 - Information Security in Project ManagementAnnex A 5.9 - Inventory of Information and Other Associated AssetsAnnex A 5.10 - Acceptable Use of Information and Other Associated AssetsAnnex A 5.11 - Return of AssetsAnnex A 5.12 - Classification of InformationAnnex A 5.13 - Labelling of InformationAnnex A 5.14 - Information TransferAnnex A 5.15 - Access ControlAnnex A 5.16 - Identity ManagementAnnex A 5.17 - Authentication InformationAnnex A 5.18 - Access RightsAnnex A 5.19 - Information Security in Supplier RelationshipsAnnex A 5.20 - Addressing Information Security Within Supplier AgreementsAnnex A 5.21 - Managing Information Security in the ICT Supply ChainAnnex A 5.22 - Monitoring, Review and Change Management of Supplier ServicesAnnex A 5.23 - Information Security for Use of Cloud ServicesAnnex A 5.24 - Information Security Incident Management Planning and PreparationAnnex A 5.25 - Assessment and Decision on Information Security EventsAnnex A 5.26 - Response to Information Security IncidentsAnnex A 5.27 - Learning From Information Security IncidentsAnnex A 5.28 - Collection of EvidenceAnnex A 5.29 - Information Security During DisruptionAnnex A 5.30 - ICT Readiness for Business ContinuityAnnex A 5.31 - Legal, Statutory, Regulatory and Contractual RequirementsAnnex A 5.32 - Intellectual Property RightsAnnex A 5.33 - Protection of RecordsAnnex A 5.34 - Privacy and Protection of PIIAnnex A 5.35 - Independent Review of Information SecurityAnnex A 5.36 - Compliance With Policies, Rules and Standards for Information SecurityAnnex A 5.37 - Documented Operating Procedures
Last updated