Search 6,000+ CA Community College Courses

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

LinkedIn Learning

ISO 27001:2022-Compliant Cybersecurity: The Annex A Controls

via LinkedIn Learning

Go to class Write review

Overview

Improve your information security program or prepare for compliance with the ISO 27001 standard by learning about the 93 Annex A security control requirements.

Syllabus

Introduction
  • Introduction to the Annex A controls
1. Governance
  • Policies for information security (Control 5.1)
  • Roles, responsibilities, and duties (Controls 5.2–5.4)
  • Contacts and project management (Controls 5.5, 5.6, and 5.8)
2. Asset Management
  • Responsibility for information assets (Controls 5.9, 5.10, 6.7, and 8.1)
  • Asset security procedures (Controls 5.11, 5.14, and 5.37)
3. Information Protection
  • Classification, labeling, and privacy (Controls 5.12, 5.13, and 5.34)
  • Deletion, masking, DLP, and test data (Controls 8.10–8.12, and 8.33)
4. Identity and Access Management
  • Access management (Controls 5.15–5.18)
  • System and application access control (Controls 8.2–8.5)
5. Supplier Relationships Security
  • Supplier relationships security (Controls 5.19–5.21)
  • Managing supplier service delivery and cloud services security (Controls 5.22 and 5.23)
6. Information Security Event Management
  • Information security incident management (Controls 5.24–5.28, and 6.8)
  • Logging and monitoring (Controls 8.15–8.17)
7. Continuity
  • Continuity (Controls 5.29, 5.30, and 8.13)
  • Backup and availability (Controls 8.13 and 8.14)
8. Legal, Compliance, and Security Assurance
  • Legal and compliance (Controls 5.31–5.33)
  • Information security assurance (Control 5.35 and 5.36)
9. Human Resource Security
  • Prior to employment (Controls 6.1 and 6.2)
  • During employment (Controls 6.3–6.6)
10. Physical Security
  • Ensuring authorized access (Controls 7.1–7.3)
  • Protecting secure areas (Controls 7.4–7.6)
  • Equipment security (Controls 7.7–7.10)
  • Utilities, cabling, and equipment management (Controls 7.11–7.14)
11. System and Network Security
  • Network security management (Controls 8.20–8.23)
  • Protection of information systems (Controls 8.7, 8.18, 8.30, and 8.34)
12. Threat and Vulnerability Management and Secure Configuration
  • Threat and vulnerability management (Controls 5.7 and 8.8)
  • Secure configuration (Controls 8.9, 8.19, and 8.24)
13. Application Security
  • Secure development (Controls 8.25–8.28)
  • Testing, separate environments, and change management (Controls 8.29, 8.31, and 8.32)
Conclusion
  • Achieving ISO 27001 compliance

Taught by

Marc Menninger

Reviews

4.8 rating at LinkedIn Learning based on 266 ratings

Start your review of ISO 27001:2022-Compliant Cybersecurity: The Annex A Controls

Go to class

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.