Which controls are related to the Annex A controls of ISO/IEC 27001 and are often selected from other guides and standards or defined by the organization to meet its specific needs?
Specific controls are tailored security controls chosen based on risk assessments, industry best practices, and regulatory requirements. These align with ISO/IEC 27001:2022 Annex A controls, which organizations select based on their risk landscape.
General controls refer to broad security measures that apply to all organizations.
Strategic controls focus on high-level governance and long-term security goals, not detailed security implementations.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit