# Annex A.5 - Organisational Controls

- [Annex A 5.1 - Policies for Information Security](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.1-policies-for-information-security.md)
- [Annex A 5.2 - Information Security Roles and Responsibilities](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.2-information-security-roles-and-responsibilities.md)
- [Annex A 5.3 - Segregation of Duties](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.3-segregation-of-duties.md)
- [Annex A 5.4 - Management Responsibilities](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.4-management-responsibilities.md)
- [Annex A 5.5 - Contact With Authorities](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.5-contact-with-authorities.md)
- [Annex A 5.6 - Contact With Special Interest Groups](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.6-contact-with-special-interest-groups.md)
- [Annex A 5.7 - Threat Intelligence](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.7-threat-intelligence.md)
- [Annex A 5.8 - Information Security in Project Management](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.8-information-security-in-project-management.md)
- [Annex A 5.9 - Inventory of Information and Other Associated Assets](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.9-inventory-of-information-and-other-associated-assets.md)
- [Annex A 5.10 - Acceptable Use of Information and Other Associated Assets](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.10-acceptable-use-of-information-and-other-associated-assets.md)
- [Annex A 5.11 - Return of Assets](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.11-return-of-assets.md)
- [Annex A 5.12 - Classification of Information](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.12-classification-of-information.md)
- [Annex A 5.13 - Labelling of Information](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.13-labelling-of-information.md)
- [Annex A 5.14 - Information Transfer](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.14-information-transfer.md)
- [Annex A 5.15 - Access Control](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.15-access-control.md)
- [Annex A 5.16 - Identity Management](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.16-identity-management.md)
- [Annex A 5.17 - Authentication Information](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.17-authentication-information.md)
- [Annex A 5.18 - Access Rights](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.18-access-rights.md)
- [Annex A 5.19 - Information Security in Supplier Relationships](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.19-information-security-in-supplier-relationships.md)
- [Annex A 5.20 - Addressing Information Security Within Supplier Agreements](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.20-addressing-information-security-within-supplier-agreements.md)
- [Annex A 5.21 - Managing Information Security in the ICT Supply Chain](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.21-managing-information-security-in-the-ict-supply-chain.md)
- [Annex A 5.22 - Monitoring, Review and Change Management of Supplier Services](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.22-monitoring-review-and-change-management-of-supplier-services.md)
- [Annex A 5.23 - Information Security for Use of Cloud Services](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.23-information-security-for-use-of-cloud-services.md)
- [Annex A 5.24 - Information Security Incident Management Planning and Preparation](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.24-information-security-incident-management-planning-and-preparation.md)
- [Annex A 5.25 - Assessment and Decision on Information Security Events](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.25-assessment-and-decision-on-information-security-events.md)
- [Annex A 5.26 - Response to Information Security Incidents](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.26-response-to-information-security-incidents.md)
- [Annex A 5.27 - Learning From Information Security Incidents](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.27-learning-from-information-security-incidents.md)
- [Annex A 5.28 - Collection of Evidence](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.28-collection-of-evidence.md)
- [Annex A 5.29 - Information Security During Disruption](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.29-information-security-during-disruption.md)
- [Annex A 5.30 - ICT Readiness for Business Continuity](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.30-ict-readiness-for-business-continuity.md)
- [Annex A 5.31 - Legal, Statutory, Regulatory and Contractual Requirements](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.31-legal-statutory-regulatory-and-contractual-requirements.md)
- [Annex A 5.32 - Intellectual Property Rights](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.32-intellectual-property-rights.md)
- [Annex A 5.33 - Protection of Records](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.33-protection-of-records.md)
- [Annex A 5.34 - Privacy and Protection of PII](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.34-privacy-and-protection-of-pii.md)
- [Annex A 5.35 - Independent Review of Information Security](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.35-independent-review-of-information-security.md)
- [Annex A 5.36 - Compliance With Policies, Rules and Standards for Information Security](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.36-compliance-with-policies-rules-and-standards-for-information-security.md)
- [Annex A 5.37 - Documented Operating Procedures](/start/iso27001-2022-wiki/annex-a-controls/annex-a.5-organisational-controls/annex-a-5.37-documented-operating-procedures.md)