
Enum: ControlCategory

The four control domains defined in ISO/IEC 27001:2022 Annex A, corresponding to Clauses 5-8 of ISO/IEC 27002:2022.

URI: iso27001:ControlCategory

Permissible Values

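| Value | Meaning | Description |
| --- | --- | --- |
| organizational | None | Organizational controls (Annex A.5) - policies, roles, asset management, access control, supplier relationships, incident management, compliance. |
| people | None | People controls (Annex A.6) - screening, employment terms, awareness, disciplinary process, termination responsibilities, remote working. |
| physical | None | Physical controls (Annex A.7) - perimeters, entry controls, equipment protection, secure areas, media handling, cabling, maintenance. |
| technological | None | Technological controls (Annex A.8) - endpoint security, access restrictions, authentication, malware protection, logging, cryptography, secure development. |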

Slots

| Name | Description |
| --- | --- |
| control_category | Domain category of the control |

In Subsets

Identifier and Mapping Information

Annotations

| property | value |
| --- | --- |
| iso27002_mapping | Clauses 5-8 |

Schema Source

  • from schema: https://w3id.org/lmodel/iso27001

LinkML Source

name: ControlCategory
annotations:
  iso27002_mapping:
    tag: iso27002_mapping
    value: Clauses 5-8
description: The four control domains defined in ISO/IEC 27001:2022 Annex A, corresponding
  to Clauses 5-8 of ISO/IEC 27002:2022.
in_subset:
- annex_a_controls
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
permissible_values:
  organizational:
    text: organizational
    description: Organizational controls (Annex A.5) - policies, roles, asset management,
      access control, supplier relationships, incident management, compliance.
    annotations:
      annex_clause:
        tag: annex_clause
        value: '5'
      control_count:
        tag: control_count
        value: '37'
  people:
    text: people
    description: People controls (Annex A.6) - screening, employment terms, awareness,
      disciplinary process, termination responsibilities, remote working.
    annotations:
      annex_clause:
        tag: annex_clause
        value: '6'
      control_count:
        tag: control_count
        value: '8'
  physical:
    text: physical
    description: Physical controls (Annex A.7) - perimeters, entry controls, equipment
      protection, secure areas, media handling, cabling, maintenance.
    annotations:
      annex_clause:
        tag: annex_clause
        value: '7'
      control_count:
        tag: control_count
        value: '14'
  technological:
    text: technological
    description: Technological controls (Annex A.8) - endpoint security, access restrictions,
      authentication, malware protection, logging, cryptography, secure development.
    annotations:
      annex_clause:
        tag: annex_clause
        value: '8'
      control_count:
        tag: control_count
        value: '34'