SS ISO/IEC 27002:2023

Information security, cybersecurity and privacy protection – Information security controls


This document provides a reference set of generic information security controls including
implementation guidance. This document is designed to be used by organisations:

a) within the context of an information security management system (ISMS) based on SS ISO/IEC 27001;
b) for implementing information security controls based on internationally recognised best practices;
c) for developing organisation-specific information security management guidelines.




Status Current
Edition 2023
No. of Pages 167
ICS Classification 35.030 IT Security
Committee Information Technology Standards Committee
Available for Purchase Global
Adoption ISO/IEC 27002 : 2022 IDT