IS017799:ROOT
Security_Policy:AREA
Organization_of_Information_Security:AREA
Asset_Management:AREA
Human_Resources_Security:AREA
Physical_Environmental_Security:AREA
Communications_Operations_Management:AREA
Access_Control:AREA
Information_Systems_Acquisition_Development_and_Maintenance:AREA
Information_Security_Incident_Management:AREA
Business_Continuity_Management:AREA
Compliance:AREA
Information_Security_Policy_Document:OBJECTIVE
Review_Information_Security_Policy:OBJECTIVE
Management_Commitment_to_Information_Security:OBJECTIVE
Information_Security_Coordination:OBJECTIVE
Allocation_of_Information_security_Responsibilities:OBJECTIVE
Authorization_Process_for_Information_Processing_Facilities:OBJECTIVE
Confidentiality_Agreements:OBJECTIVE
Contact_with_Authorities:OBJECTIVE
Contact_with_Special_Interest_Groups:OBJECTIVE
Independent_Review_of_Information_Security:OBJECTIVE
Identification_of_Risks_Related_to_External_Parties:OBJECTIVE
Addressing_Security_when_Dealing_with_Customers:OBJECTIVE
Addressing_Security_in_Third_Party_Agreements:OBJECTIVE
Inventory_of_Assets:OBJECTIVE
Ownership_of_Assets:OBJECTIVE
Acceptable_Use_of_Assets:OBJECTIVE
Classification_Guidelines:OBJECTIVE
Information_Labeling_and_Handling:OBJECTIVE
Roles_and_Responsibilities:OBJECTIVE
Screening:OBJECTIVE
Terms_and_Conditions_of_Employment:OBJECTIVE
Management_Responsibilities:OBJECTIVE
Information_Security_Awareness:OBJECTIVE
Disciplinary_Process:OBJECTIVE
Termination_Responsibilities:OBJECTIVE
Return_of_Assets:OBJECTIVE
Removal_of_Access_Rights:OBJECTIVE
Physical_Security_Perimeter:OBJECTIVE
Physical_Entry_Controls:OBJECTIVE
Securing_offices_Rooms_Facilities:OBJECTIVE
Protecting_Against_External_Environmental_Threats:OBJECTIVE
Working_in_Secure_Areas:OBJECTIVE
Public_Access_Delivery_Loading_Areas:OBJECTIVE
Equipment_Siting_and_Protection:OBJECTIVE
Supporting_Utilities:OBJECTIVE
Cabling_Security:OBJECTIVE
Equipment_Maintenance:OBJECTIVE
Security_of_Equipment_Off_premises:OBJECTIVE
Secure_Disposal_or_Re_use_of_Equipment:OBJECTIVE
Removal_of_Property:OBJECTIVE
Documented_Operating_Procedures:OBJECTIVE
Change_Management:OBJECTIVE
Segregation_of_Duties:OBJECTIVE
Separation_of_Development_Test_and_Operational_Facilities:OBJECTIVE
Service_Delivery:OBJECTIVE
Monitoring_and_Review_of_Third_Party_Services:OBJECTIVE
Managing_Changes_to_Third_Party_Services:OBJECTIVE
Capacity_Management:OBJECTIVE
System_Acceptance:OBJECTIVE
Controls_Against_Malicious_Code:OBJECTIVE
Controls_Against_Mobile_Code:OBJECTIVE
Information_Back_up:OBJECTIVE
Network_Controls:OBJECTIVE
Security_of_Network_Services:OBJECTIVE
Management_of_Removable_Media:OBJECTIVE
Disposal_of_Media:OBJECTIVE
Information_Handling_Procedures:OBJECTIVE
Security_of_System_Documentation:OBJECTIVE
Information_Exchange_Policies_and_Procedures:OBJECTIVE
Exchange_Agreements:OBJECTIVE
Physical_Media_in_Transit:OBJECTIVE
Electronic_Messaging:OBJECTIVE
Business_Information_Systems:OBJECTIVE
Electronic_Commerce:OBJECTIVE
On_Line_Transactions:OBJECTIVE
Publicly_Available_Information:OBJECTIVE
Audit_Logging:OBJECTIVE
Monitoring_System_Use:OBJECTIVE
Protection_of_Log_Information:OBJECTIVE
Administrator_and_Operator_Logs:OBJECTIVE
Fault_Logging:OBJECTIVE
Clock_Synchronization:OBJECTIVE
Access_Control_Policy:OBJECTIVE
User_Registration:OBJECTIVE
Privilege_Management:OBJECTIVE
User_Password_Management:OBJECTIVE
Review_of_User_Access_Rights:OBJECTIVE
Password_Use:OBJECTIVE
Unattended_User_Equipment:OBJECTIVE
Clear_Desk_Screen_Policy:OBJECTIVE
Policy_on_Use_of_Network_Services:OBJECTIVE
User_Authentication_for_External_Connections:OBJECTIVE
Equipment_Identification_in_Networks:OBJECTIVE
Remote_Diagnostic_and_Configuration_Port_Protection:OBJECTIVE
Segregation_in_Networks:OBJECTIVE
Network_Connection_Control:OBJECTIVE
Network_Routing_Control:OBJECTIVE
Secure_log_on_Procedures:OBJECTIVE
User_Identification_and_Authorization:OBJECTIVE
Password_Management_System:OBJECTIVE
Use_of_System_Utilities:OBJECTIVE
Session_Time_out:OBJECTIVE
Limitation_of_Connection_Time:OBJECTIVE
Information_Access_Restriction:OBJECTIVE
Sensitive_System_Isolation:OBJECTIVE
Mobile_Computing_and_Communications:OBJECTIVE
Teleworking:OBJECTIVE
Security_Requirements_Analysis_and_Specification:OBJECTIVE
Input_Data_Validation:OBJECTIVE
Control_of_Internal_Processing:OBJECTIVE
Message_Integrity:OBJECTIVE
Output_Data_Validation:OBJECTIVE
Cryptographic_Controls:OBJECTIVE
Key_Management:OBJECTIVE
Control_of_Operational_Software:OBJECTIVE
Protection_of_System_Test_Data:OBJECTIVE
Access_Control_to_Program_Source_Code:OBJECTIVE
Change_Control_Procedures:OBJECTIVE
Technical_Review_of_Applications_After_OS_Changes:OBJECTIVE
Restrictions_on_Changes_to_Software_Packages:OBJECTIVE
Information_Leakage:OBJECTIVE
Outsourced_Software_Development:OBJECTIVE
Control_of_Technical_Vulnerabilities:OBJECTIVE
Reporting_Information_Security_Events:OBJECTIVE
Reporting_Security_Weaknesses:OBJECTIVE
Responsibilities_and_Procedures:OBJECTIVE
Learning_from_Information_Security_Incidents:OBJECTIVE
Collection_of_Evidence:OBJECTIVE
Including_Information_Security_in_the_Business_Continuity_Management_Process:OBJECTIVE
Business_Continuity_and_Risk_Assessment:OBJECTIVE
Developing_and_Implementing_Continuity_Plans_Including_Information_Security:OBJECTIVE
Business_Continuity_Planning_Framework:OBJECTIVE
Testing_Maintaining_and_Re_assessing_Business_Continuity_Plans:OBJECTIVE
Identification_of_Applicable_Legislation:OBJECTIVE
Intellectual_Property_Rights:OBJECTIVE
Protection_of_Organizational_Records:OBJECTIVE
Data_Protection_and_Privacy_of_Personal_Information:OBJECTIVE
Prevention_of_Misuse_of_Information_Processing_Facilities:OBJECTIVE
Regulation_of_Cryptographic_Controls:OBJECTIVE
Compliance_With_Security_Policies_and_standards:OBJECTIVE
Technical_Compliance_Checking:OBJECTIVE
Information_Systems_Audit_Controls:OBJECTIVE
Protection_of_Information_Systems_Audit_Tools:OBJECTIVE
Reporting_Softwar_Malfunctions:OBJECTIVE
Enforced_Path:OBJECTIVE
Automatic_Terminal_Identification:OBJECTIVE
Duress_alarm:OBJECTIVE
Encryption:OBJECTIVE
Digital_Signatures:OBJECTIVE
Non_repudiation_Services:OBJECTIVE
