MarketplaceCybersecurityISO/IEC 27001:2022
CybersecurityStandardControl set

ISO/IEC 27001:2022

ISO/IEC 27001:2022 - Information security, cybersecurity and privacy protection — Information security management systems — Requirements

ISO/IEC 27001:2022 is an international standard defining requirements for an information security management system (ISMS). It helps organizations establish, implement, maintain, and continually improve their information security processes to manage data-related risks.

Overview

ISO/IEC 27001:2022 is the third edition of the standard, published in October 2022, that outlines requirements for managing and protecting information. It enables organizations of any size and sector to develop a holistic approach to information security that addresses people, processes, and technology. The standard supports risk management, ensures data confidentiality, integrity, and availability, and promotes operational resilience to evolving cyber threats. It is widely adopted worldwide, with certification processes available for businesses seeking formal accreditation to demonstrate compliance.

Related in Cybersecurity

CybersecurityStandardFramework

CAIQ v4.1.0 — Consensus Assessment Initiative Questionnaire v4.1.0

The Consensus Assessments Initiative Questionnaire (CAIQ) v4.1.0 is a comprehensive cloud security assessment questionnaire developed by the Cloud Security Alliance (CSA) and aligned with the Cloud Controls Matrix (CCM) v4.1 to help organizations evaluate the security, privacy, and compliance practices of cloud service providers. It includes 261 assessment questions mapped to 207 controls across 17 security domains, supporting detailed vendor due diligence, third-party risk management, and cloud security assessments using a standardized industry framework.

Cloud Security Alliance (CSA) • v4.1.0

View details
CybersecurityStandard

CAIQ Lite v4.1.0 — Consensus Assessments Initiative Questionnaire Lite v4.1.0

Consensus Assessments Initiative Questionnaire (CAIQ) Lite v4.1.0 is a streamlined cloud security assessment questionnaire developed by the Cloud Security Alliance (CSA) and aligned with the Cloud Controls Matrix (CCM) v4.1 to help organizations evaluate cloud service providers using a standardized approach. It includes 138 focused questions across 17 security domains, enabling efficient vendor due diligence, third-party risk management, and security posture assessments.

Cloud Security Alliance (CSA) • v4.1.0

View details
CybersecurityFrameworkStandard

CCM v4.1 — Cloud Controls Matrix v4.1

The Cloud Controls Matrix (CCM) v4.1 is a cybersecurity control framework that consists of 207 controls across 17 security domains, specifically tailored for cloud security and privacy. The Consensus Assessment Initiative Questionnaire (CAIQ) accompanies the CCM, offering a set of assessment questions to evaluate security controls.

Cloud Security Alliance (CSA) • v4.1

View details
CybersecurityStandard

SOC-CMM — SOC-CMM Assessment Tool

The SOC-CMM model is a capability maturity model that can be used to perform a self-assessment of your Security Operations Center (SOC). The model is based on review conducted on literature regarding SOC setup and existing SOC models as well as literature on specific elements within a SOC. The literature analysis was then validated by questioning several Security Operations Centers in different sectors and on different maturity levels to determine which elements were actually in place. The output from the survey, combined with the initial analysis is the basis for this self-assessment. For more information regarding the scientific background and the literature used to create the SOC-CMM self-assessment tool, please refer to the thesis document as available through: https://www.soc-cmm.com/

SOC-CMM

View details

Ready to manage these frameworks?

6clicks maps regulations to controls, evidence and risks — automatically.

Book your strategy call