Security Controls Catalog

Synergy of Processes and Controls

Controls

Security controls play a foundational role in shaping the actions cyber security professionals take to protect an organization.

There are 93 Controls grouped into four categories , which ISO refers to as “themes”: 



Processes

A Structured actions or steps taken to achieve a specific outcome. They are essentially the "how" of getting things done. In the context of information security, a process might refer to steps taken to review and grant access permissions to users or how incidents are detected and responded to. Read more 

Controls Processes

ISMS Processes 

ISMS Core Processes 


ISMS Support Processes 

Correlation between Processes and Controls


Key Characteristics of Processes:

Key Characteristics of Controls:

The Integrated Controls Management

In the ecosystem of information security, processes provide the roadmap, and controls ensure that the journey along that roadmap is safe and compliant. When designed and implemented correctly, they work together to ensure that an organization's information assets are well-protected against threats, errors, and inefficiencies.