What are the ISO 27001:2022 Annex A controls?

The ISO 27001:2022 standard is a widely recognised international standard for information security management. It provides a framework for establishing, implementing, maintaining, and continually improving an information security management system (ISMS).

Annex A of the ISO 27001:2022 standard lists the controls that organisations can use to protect their information assets. These 93 controls are grouped into 4 chapters:

  1. Chapter 5: Organizational – 37 controls
  2. Chapter 6: People – 8 controls
  3. Chapter 7: Physical – 14 controls
  4. Chapter 8: Technology – 34 controls

Each control is described in detail in Annex A, along with guidance on how to implement and maintain it. Organisations can use these controls to build a comprehensive and effective ISMS that helps protect their information assets and meet the requirements of the ISO 27001:2022 standard.

To purchase a copy of the standard – ISO – ISO/IEC 27001:2022 – Information security, cybersecurity and privacy protection — Information security management systems — Requirements

To talk to the team at Adaptive – Adaptive Certifications | Contact Us | Australia
