ISO 27001

ISO 27001 is the international standard for information security. Its framework requires organizations to identify information security risks and select appropriate controls to tackle them. Those practices are outlined in Annex A of ISO 27001, which contains 114 controls divided into 14 domains.

The 14 domains of ISO 27001

Information security policies

Organization of information security

Human resource security

Asset management

Access control

Cryptography

Physical and environmental security

Operations security

Communications security

System acquisition, development and maintenance

Supplier relationships

Information security incident management

Information security aspects of business continuity management

Compliance

Pros

A suitable security protocol for large enterprises

Can build trust in the eyes of consumers as it is globally recognized

Cons

Costly compared to NIST

Some people may consider it a waste of resources during the installation and maintenance phases.
