ISO 27001

1. Clause 7 - Support

1.1. Clause 7.1 - Resources

1.2. Clause 7.2 - Competence

1.3. Clause 7.3 - Awareness

1.4. Clause 7.4 - Communication

1.5. Clause 7.5 - Documented information

2. Clause 8 - Operation

2.1. Clause 8.1 - Operational planning and control

2.2. Clause 8.2 - Information security risk assessment

2.3. Clause 8.3 - Information security risk treatment

3. Clause 9 - Performance evaluation

3.1. Clause 9.1 - Monitoring, measurement, analysis and evaluation

3.2. Clause 9.2 - Internal audit

3.3. Clause 9.3 - Management review

4. Clause 10 - Improvement

4.1. Clause 10.1 - Nonconformity and corrective action

4.2. Clause 10.2 - Continual improvement

5. Clause 4 - Context of the organization

5.1. Clause 4.1 - Understanding the organization and its context

5.2. Clause 4.2 - Understanding the needs and expectations of interested parties

5.3. Clause 4.3 - Determining the scope of the information security management system

5.4. Clause 4.4 - Information security management system

6. Clause 5 - Leadership

6.1. Clause 5.1 - Leadership and commitment

6.2. Clause 5.2 - Policy

6.3. Clause 5.3 - Organizational roles, responsibilities and authorities

7. Clause 6 - Planning

7.1. Clause 6.1 - Actions to address risks and opportunities

7.2. Clause 6.2 - Information security objectives and planning to achieve them