Chargement...
Chargement...
Copyright © 2026 Anove International B.V.
All product names, logos, and brands are property of their respective owners. Use of these names does not imply affiliation, endorsement, or partnership.
ISO27001 Annex A
ISO 27001 Annex A is a crucial component of the internationally recognized ISO/IEC 27001 standard for Information Security Management Systems (ISMS). It provides a comprehensive catalogue of 93 information security controls, organized into four themes: Organisational, People, Physical, and Technological controls.
ISO 27001 Annex A is a crucial component of the internationally recognized ISO/IEC 27001 standard for Information Security Management Systems (ISMS). It provides a comprehensive catalogue of 93 information security controls, organized into four themes: Organisational, People, Physical, and Technological controls. These controls are not mandatory in their entirety; rather, organizations select and implement relevant controls based on their specific risk assessment and treatment process, as documented in their Statement of Applicability. Annex A serves as a practical reference guide, helping organizations to identify and apply appropriate measures to protect the confidentiality, integrity, and availability of their information assets, thereby addressing a wide array of potential security threats and vulnerabilities.
Determine which Annex A controls are relevant through risk assessment and treatment, justify inclusions and exclusions, and document the decisions in a Statement of Applicability.
Establish governance, policies, roles, supplier and access management, and human resource measures such as screening, awareness and responsibilities across the employment lifecycle.
Protect facilities, equipment and media through secure areas, access restrictions and safeguards against environmental and physical threats.
Apply technical safeguards covering areas such as access control, cryptography, logging and monitoring, secure configuration, and secure development and operations.
Pour aller plus loin
Anove analyse votre stack au regard de ISO27001 Annex A et de plus de 260 autres cadres en quelques minutes.
Monitor control effectiveness, review the selected controls against changing risks, and keep the Statement of Applicability current.