ISO 27001:2022 Annex A organizes 93 controls into four themes. Organizational controls (37 controls) cover governance, policies, and risk management. People controls (8 controls) address security awareness and training. Physical controls (14 controls) cover physical security. Technological controls (34 controls) address access control, cryptography, network security, and vulnerability management.
Keep Exploring