Controls - ISO 27002:2022

Manage and monitor your compliance controls, starting with the Statement of Applicability (SOA).

Control ID	Name	Type	Framework	Applicable (SOA)	Effectiveness
5.1	Policies for information security	Organizational	ISO 27002:2022	Applicable	Effective
5.2	Information security roles and responsibilities	People	ISO 27002:2022	Applicable	Effective
5.3	Segregation of duties	People	ISO 27002:2022	Applicable	Partially Effective
5.4	Management responsibilities	Organizational	ISO 27002:2022	Applicable	Not Audited
5.5	Contact with authorities	Organizational	ISO 27002:2022	Not Applicable	Not Audited
5.6	Contact with special interest groups	Organizational	ISO 27002:2022	Applicable	Ineffective
5.7	Threat intelligence	Organizational	ISO 27002:2022	Applicable	Partially Effective
5.8	Information security in project management	Organizational	ISO 27002:2022	Applicable	Effective
5.9	Inventory of information and other associated assets	Organizational	ISO 27002:2022	Applicable	Effective
5.10	Acceptable use of information and other associated assets	Organizational	ISO 27002:2022	Applicable	Effective
5.11	Return of assets	People	ISO 27002:2022	Applicable	Partially Effective
5.12	Classification of information	Organizational	ISO 27002:2022	Applicable	Effective
5.13	Labelling of information	Organizational	ISO 27002:2022	Applicable	Not Audited
5.14	Information transfer	Technological	ISO 27002:2022	Applicable	Effective
5.15	Access control	Technological	ISO 27002:2022	Applicable	Partially Effective

GRC Trust Bulletin