CHAPTER 17: ISO27001 ANNEX A

ISO/IEC 27001:2005 Annex A has 11 major clauses or control areas numbered from A.5 to A.15, each of which identifies one or more control objectives. Each control objective is served by one or more controls. Every control is sequentially numbered.

There are, in total, 133 subclauses, each of which has an alphanumeric clause number.

Annex A is aligned with ISO27002; this means that precisely the same control objectives, controls, clause numbering and wording are used in both Annex A and in ISO27002. Note the clear statement that ‘the lists in these tables are not exhaustive and an organisation may consider that additional control objectives and controls are necessary’.23 The 11 control clauses of Annex A (it does not ...
