Compare commits
9 commits
f80f7fdf36
...
d316285a74
| Author | SHA1 | Date | |
|---|---|---|---|
| d316285a74 | |||
| 84942d44e3 | |||
| 1baf4fbd9a | |||
| 7fcb17b157 | |||
| 2f25768d71 | |||
| 81d99248aa | |||
| 2db580d0ee | |||
| c5105d8ea9 | |||
| f6ba2d42af |
321 changed files with 13672 additions and 629 deletions
BIN
Corpus/Standards/ISO27x/ISO 27001_2022_EN.docx
Normal file
BIN
Corpus/Standards/ISO27x/ISO 27001_2022_EN.docx
Normal file
Binary file not shown.
12725
Corpus/Standards/ISO27x/ISO 27002_2022_EN_complete.md
Normal file
12725
Corpus/Standards/ISO27x/ISO 27002_2022_EN_complete.md
Normal file
File diff suppressed because it is too large
Load diff
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.0"
|
|||
title: "Introduction"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 0 Introduction
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.1"
|
|||
title: "Scope"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 1 Scope
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.10"
|
|||
title: "Improvement"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
# 10 Improvement
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.10.1"
|
|||
title: "Continual improvement"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 10.1 Continual improvement
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.10.2"
|
|||
title: "Nonconformity and corrective action"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 10.2 Nonconformity and corrective action
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.2"
|
|||
title: "Normative references"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 2 Normative references
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: C.4
|
|||
title: Context of the organisation
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
# 4 Context of the organisation
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.4.1"
|
|||
title: "Understanding the organization and its context"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## Clause 4.1: Understanding the organization and its context
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.4.2"
|
|||
title: "Understanding the needs and expectations of interested parties"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 4.2 Understanding the needs and expectations of interested parties
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.4.3"
|
|||
title: "Determining the scope of the information security management system"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 4.3 Determining the scope of the information security management system
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.4.4"
|
|||
title: "Information security management system"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 4.4 Information security management system
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: C.5
|
|||
title: Leadership
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
# 5 Leadership
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.5.1"
|
|||
title: "Leadership and commitment"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 5.1 Leadership and commitment
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.5.2"
|
|||
title: "Policy"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 5.2 Policy
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.5.3"
|
|||
title: "Organizational roles responsibilities and authorities"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 5.3 Organizational roles responsibilities and authorities
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: C.6
|
|||
title: Planning
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
# 6 Planning
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: C.6.1
|
|||
title: Actions to address risks and opportunities
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 6.1 Actions to address risks and opportunities
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.6.1.1"
|
|||
title: "General"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
### 6.1.1 General
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.6.1.2"
|
|||
title: "Information security risk assessment"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
### 6.1.2 Information security risk assessment
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.6.1.3"
|
|||
title: "Information security risk treatment"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
### 6.1.3 Information security risk treatment
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.6.2"
|
|||
title: "Information security objectives and planning to achieve them"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 6.2 Information security objectives and planning to achieve them
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.6.3"
|
|||
title: "Planning of changes"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 6.3 Planning of changes
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: C.7
|
|||
title: Support
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
# 7 Support
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.7.1"
|
|||
title: "Resources"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 7.1 Resources
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.7.2"
|
|||
title: "Competence"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 7.2 Competence
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.7.3"
|
|||
title: "Awareness"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 7.3 Awareness
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.7.4"
|
|||
title: "Communication"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 7.4 Communication
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.7.5"
|
|||
title: "Documented information"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 7.5 Documented information
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: C.8
|
|||
title: Operation
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
# 8 Operation
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.8.1"
|
|||
title: "Operational planning and control"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 8.1 Operational planning and control
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.8.2"
|
|||
title: "Information security risk assessment"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 8.2 Information security risk assessment
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.8.3"
|
|||
title: "Information security risk treatment"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 8.3 Information security risk treatment
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: C.9
|
|||
title: Performance evaluation
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
# 9 Performance evaluation
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.9.1"
|
|||
title: "Monitoring measurement analysis and evaluation"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 9.1 Monitoring measurement analysis and evaluation
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.9.2"
|
|||
title: "Internal audit"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 9.2 Internal audit
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.9.3"
|
|||
title: "Management review"
|
||||
tags:
|
||||
- iso27001/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 9.3 Management review
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.0"
|
|||
title: "Inleiding"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
# 0 Inleiding
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.1"
|
|||
title: "Onderwerp en toepassingsgebied"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
# 1 Onderwerp en toepassingsgebied
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.10"
|
|||
title: "Verbetering"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
# 10 Verbetering
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.10.1"
|
|||
title: "Continue verbetering"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 10.1 Continue verbetering
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.10.2"
|
|||
title: "Afwijkingen en corrigerende maatregelen"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 10.2 Afwijkingen en corrigerende maatregelen
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.2"
|
|||
title: "Normatieve verwijzingen"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
# 2 Normatieve verwijzingen
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.4"
|
|||
title: "Context van de organisatie"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
# 4 Context van de organisatie
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.4.1"
|
|||
title: "Inzicht in de organisatie en haar context"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 4.1 Inzicht in de organisatie en haar context
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.4.2"
|
|||
title: "Inzicht in de behoeften en verwachtingen van belanghebbenden"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 4.2 Inzicht in de behoeften en verwachtingen van belanghebbenden
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.4.3"
|
|||
title: "Het toepassingsgebied van het managementsysteem voor informatiebeveiliging vaststellen"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 4.3 Het toepassingsgebied van het managementsysteem voor informatiebeveiliging vaststellen
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.4.4"
|
|||
title: "Managementsysteem voor informatiebeveiliging"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 4.4 Managementsysteem voor informatiebeveiliging
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.5"
|
|||
title: "Leiderschap"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
# 5 Leiderschap
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.5.1"
|
|||
title: "Leiderschap en betrokkenheid"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 5.1 Leiderschap en betrokkenheid
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.5.2"
|
|||
title: "Beleid"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 5.2 Beleid
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.5.3"
|
|||
title: "Rollen verantwoordelijkheden en bevoegdheden binnen de organisatie"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 5.3 Rollen, verantwoordelijkheden en bevoegdheden binnen de organisatie
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.6"
|
|||
title: "Planning"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
# 6 Planning
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.6.1"
|
|||
title: "Acties om risicos en kansen op te pakken"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 6.1 Acties om risico's en kansen op te pakken
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.6.2"
|
|||
title: "Informatiebeveiligingsdoelstellingen en de planning om ze te bereiken"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 6.2 Informatiebeveiligingsdoelstellingen en de planning om ze te bereiken
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.6.3"
|
|||
title: "Planning van wijzigingen"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 6.3 Planning van wijzigingen
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.7"
|
|||
title: "Ondersteuning"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
# 7 Ondersteuning
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.7.1"
|
|||
title: "Middelen"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 7.1 Middelen
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.7.2"
|
|||
title: "Competentie"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 7.2 Competentie
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.7.3"
|
|||
title: "Bewustzijn"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 7.3 Bewustzijn
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.7.4"
|
|||
title: "Communicatie"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 7.4 Communicatie
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.7.5"
|
|||
title: "Gedocumenteerde informatie"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 7.5 Gedocumenteerde informatie
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.8"
|
|||
title: "Uitvoering"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
# 8 Uitvoering
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.8.1"
|
|||
title: "Operationele planning en beheersing"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 8.1 Operationele planning en beheersing
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.8.2"
|
|||
title: "Risicobeoordeling van informatiebeveiliging"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 8.2 Risicobeoordeling van informatiebeveiliging
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.8.3"
|
|||
title: "Informatiebeveiligingsrisicos behandelen"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 8.3 Informatiebeveiligingsrisico's behandelen
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.9"
|
|||
title: "Evaluatie van de prestaties"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
# 9 Evaluatie van de prestaties
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.9.1"
|
|||
title: "Monitoren meten analyseren en evalueren"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 9.1 Monitoren, meten, analyseren en evalueren
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.9.2"
|
|||
title: "Interne audit"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 9.2 Interne audit
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27001
|
||||
version: 2023
|
||||
language: NL
|
||||
|
|
@ -8,6 +8,7 @@ id: "C.9.3"
|
|||
title: "Management review"
|
||||
tags:
|
||||
- iso27001/2023/NL
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
## 9.3 Management review
|
||||
|
|
|
|||
|
|
@ -0,0 +1,101 @@
|
|||
---
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
id: "A.4"
|
||||
title: "Structure of this document"
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
# 4 Structure of this document
|
||||
|
||||
## 4.1 Clauses
|
||||
|
||||
This document is structured as follows:
|
||||
|
||||
a\) Organizational controls (Clause 5)
|
||||
|
||||
b\) People controls (Clause 6)
|
||||
|
||||
c\) Physical controls (Clause 7)
|
||||
|
||||
d\) Technological controls (Clause 8)
|
||||
|
||||
There are 2 informative annexes:
|
||||
|
||||
— Annex A— Using attributes
|
||||
— Annex B— Correspondence with ISO/IEC 27002:2013
|
||||
|
||||
Annex A explains how an organization can use attributes (see 4.2) to create its own views based on the control attributes defined in this document or of its own creation.
|
||||
|
||||
Annex B shows the correspondence between the controls in this edition of ISO/IEC 27002 and the previous 2013 edition.
|
||||
|
||||
## 4.2 Themes and attributes
|
||||
|
||||
The categorization of controls given in Clauses 5to 8are referred to as themes.
|
||||
|
||||
Controls are categorized as:
|
||||
|
||||
a\) people, if they concern individual people;
|
||||
|
||||
b\) physical, if they concern physical objects;
|
||||
|
||||
c\) technological, if they concern technology;
|
||||
|
||||
d\) otherwise they are categorized as organizational.
|
||||
|
||||
The organization can use attributes to create different views which are different categorizations of controls as seen from a different perspective to the themes. Attributes can be used to filter, sort or present controls in different views for different audiences. Annex Aexplains how this can be achieved and provides an example of a view.
|
||||
|
||||
By way of example, each control in this document has been associated with five attributes with corresponding attribute values (preceded by "#" to make them searchable), as follows:
|
||||
|
||||
a\) Control type
|
||||
|
||||
Control type is an attribute to view controls from the perspective of when and how the control modifies the risk with regard to the occurrence of an information security incident. Attribute values consist of Preventive (the control that is intended to prevent the occurrence of an information security incident), Detective (the control acts when an information security incident occurs) and Corrective (the control acts after an information security incident occurs).
|
||||
|
||||
b\) Information security properties
|
||||
|
||||
Information security properties is an attribute to view controls from the perspective of which characteristic of information the control will contribute to preserving. Attribute values consist of Confidentiality, Integrity and Availability.
|
||||
|
||||
c\) Cybersecurity concepts
|
||||
|
||||
Cybersecurity concepts is an attribute to view controls from the perspective of the association of controls to cybersecurity concepts defined in the cybersecurity framework described in ISO/IEC TS 27110. Attribute values consist of Identify, Protect, Detect, Respond and Recover.
|
||||
|
||||
d\) Operational capabilities
|
||||
|
||||
Operational capabilities is an attribute to view controls from the practitioner’s perspective of information security capabilities. Attribute values consist of Governance, Asset_management, Information_protection, Human_resource_security, Physical_security, System_and_network\_ security, Application_security, Secure_configuration, Identity_and_access_management,
|
||||
|
||||
Threat_and_vulnerability_management, Continuity, Supplier_relationships_security, Legal_and\_ compliance, Information_security_event_management and Information_security_assurance.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
e\) Security domains
|
||||
|
||||
|
||||
Security domains is an attribute to view controls from the perspective of four information security
|
||||
|
||||
domains: “Governance and Ecosystem” includes “Information System Security Governance &
|
||||
|
||||
Risk Management” and “Ecosystem cybersecurity management” (including internal and external stakeholders); “Protection” includes “IT Security Architecture”, “IT Security Administration”, “Identity and access management”, “IT Security Maintenance” and “Physical and environmental security”; “Defence” includes “Detection” and “Computer Security Incident Management”; “Resilience” includes “Continuity of operations” and “Crisis management”. Attribute values consist of Governance_and_Ecosystem, Protection, Defence and Resilience.
|
||||
|
||||
The attributes given in this document are selected because they are considered generic enough to be used by different types of organizations. Organizations can choose to disregard one or more of the attributes given in this document. They can also create attributes of their own (with the corresponding attribute values) to create their own organizational views. Clause A.2includes examples of such attributes.
|
||||
|
||||
## 4.3 Control layout
|
||||
|
||||
The layout for each control contains the following:
|
||||
|
||||
— **Control title:** Short name of the control;
|
||||
|
||||
— **Attribute table**: A table shows the value(s) of each attribute for the given control;
|
||||
|
||||
— **Control:** What the control is;
|
||||
|
||||
— **Purpose**: Why the control should be implemented; — **Guidance:** How the control should be implemented;
|
||||
|
||||
— **Other information:** Explanatory text or references to other related documents.
|
||||
|
||||
Subheadings are used in the guidance text for some controls to aid readability where guidance is lengthy and addresses multiple topics. Such headings are not necessarily used in all guidance text. Subheadings are underlined.
|
||||
|
|
@ -1,3 +1,17 @@
|
|||
---
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
id: "A.3"
|
||||
title: "Terms, definitions, and abbreviated terms"
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
# 3 Terms, definitions, and abbreviated terms
|
||||
|
||||
## 3.1 Terms and definitions
|
||||
For the purposes of this document, the following terms and definitions apply.
|
||||
ISO and IEC maintain terminology databases for use in standardization at the following addresses: — ISO Online browsing platform: available at https://www.iso.org/obp
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -18,7 +18,8 @@ security_domains:
|
|||
- Governance_and_Ecosystem
|
||||
- Resilience
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -20,7 +20,8 @@ security_domains:
|
|||
- Governance_and_Ecosystem
|
||||
- Protection
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -16,7 +16,8 @@ cybersecurity_concepts: [Protect]
|
|||
operational_capabilities: [Asset_management]
|
||||
security_domains: [Protection]
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -18,7 +18,8 @@ security_domains:
|
|||
- Protection
|
||||
- Defence
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -18,7 +18,8 @@ security_domains:
|
|||
- Defence
|
||||
- Protection
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -18,7 +18,8 @@ operational_capabilities:
|
|||
- Information_protection
|
||||
security_domains: [Protection]
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -16,7 +16,8 @@ cybersecurity_concepts: [Protect]
|
|||
operational_capabilities: [Identity_and_access_management]
|
||||
security_domains: [Protection]
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -16,7 +16,8 @@ cybersecurity_concepts: [Protect]
|
|||
operational_capabilities: [Identity_and_access_management]
|
||||
security_domains: [Protection]
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -16,7 +16,8 @@ cybersecurity_concepts: [Protect]
|
|||
operational_capabilities: [Identity_and_access_management]
|
||||
security_domains: [Protection]
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -16,7 +16,8 @@ cybersecurity_concepts: [Protect]
|
|||
operational_capabilities: [Identity_and_access_management]
|
||||
security_domains: [Protection]
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -18,7 +18,8 @@ security_domains:
|
|||
- Governance_and_Ecosystem
|
||||
- Protection
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -19,7 +19,8 @@ security_domains:
|
|||
- Protection
|
||||
- Resilience
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -18,7 +18,8 @@ security_domains:
|
|||
- Governance_and_Ecosystem
|
||||
- Protection
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -18,7 +18,8 @@ security_domains:
|
|||
- Governance_and_Ecosystem
|
||||
- Protection
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -20,7 +20,8 @@ security_domains:
|
|||
- Defence
|
||||
- Information_security_assurance
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -18,7 +18,8 @@ security_domains:
|
|||
- Governance_and_Ecosystem
|
||||
- Protection
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -20,7 +20,8 @@ operational_capabilities:
|
|||
- Information_security_event_management
|
||||
security_domains: [Defence]
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -18,7 +18,8 @@ cybersecurity_concepts:
|
|||
operational_capabilities: [Information_security_event_management]
|
||||
security_domains: [Defence]
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -18,7 +18,8 @@ cybersecurity_concepts:
|
|||
operational_capabilities: [Information_security_event_management]
|
||||
security_domains: [Defence]
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -18,7 +18,8 @@ cybersecurity_concepts:
|
|||
operational_capabilities: [Information_security_event_management]
|
||||
security_domains: [Defence]
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -18,7 +18,8 @@ cybersecurity_concepts:
|
|||
operational_capabilities: [Information_security_event_management]
|
||||
security_domains: [Defence]
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -22,7 +22,8 @@ security_domains:
|
|||
- Protection
|
||||
- Resilience
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -18,10 +18,10 @@ operational_capabilities:
|
|||
- Identity_and_access_management
|
||||
security_domains: [Governance_and_Ecosystem]
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
## 5.3 Segregation of duties
|
||||
|
||||
### Control
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -13,7 +13,8 @@ cybersecurity_concepts: [Respond]
|
|||
operational_capabilities: [Continuity]
|
||||
security_domains: [Resilience]
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -18,7 +18,8 @@ security_domains:
|
|||
- Governance_and_Ecosystem
|
||||
- Protection
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
notetype: sourcetext
|
||||
notetype: reference
|
||||
standard: ISO 27002
|
||||
version: 2022
|
||||
language: EN
|
||||
|
|
@ -16,7 +16,8 @@ cybersecurity_concepts: [Identify]
|
|||
operational_capabilities: [Legal_and_compliance]
|
||||
security_domains: [Governance_and_Ecosystem]
|
||||
tags:
|
||||
- iso27002/2022/EN
|
||||
- iso27002/2022/EN
|
||||
- sourcetext
|
||||
status: active
|
||||
---
|
||||
|
||||
|
|
|
|||
Some files were not shown because too many files have changed in this diff Show more
Loading…
Add table
Add a link
Reference in a new issue