It is an organisation's comprehensive attitude towards data protection over a broad range of matters that are dictated by their organisational controls. The control measures include policies, rules, processes, procedures, and organisational structures.
There are 37 organisational controls for ISO 27002:2022; we have provided information and implementation guidance on each of these below.
ISO 27002:2022 is a guideline for information security controls, supporting ISO 27001:2022 Annex A by providing further detail and clarification. There are now four domains (Organisational, People, Physical and Technological) instead of the previous 14. At AvISO, we have put together a page on all 93 controls with an explained purpose and implementation guidance.
What Standard are you looking to obtain: