How many controls in ISO 27001:2022?

Annex A of ISO/IEC 27001:2022 has 93 controls across 4 themes: organizational (37), people (8), physical (14) and technological (34).

ISO 27001 Checklist (2022) — free interactive tool

0/15 — 0%

High exposure — start now.

Management system (clauses 4-10)

ISMS scope and interested partiesPolicy and management commitmentRisk assessment and treatmentStatement of Applicability (SoA)Internal audit and management review

Annex A — Organizational controls (A.5)

Information security policiesAsset management and classificationSupplier-relationship securityIncident management and continuity

Annex A — People & Physical (A.6-A.7)

Awareness, screening, off-boardingPhysical access control and workstations

Annex A — Technological (A.8)

Access management and authenticationCryptography and data protectionVulnerability management and loggingSecure development and backups

From checklist to a certifiable ISMS

ResiPlan manages the SoA, risk assessment (36 methodologies), AI policies and ISO 27001 audit evidence.

Start free Book a demo