UnixTime

Research Note

ISO27001 ISMS KB - Start Here

This knowledge base contains expanded study notes for ISO/IEC 27001 and ISO/IEC 27002.

On this page

This knowledge base contains expanded study notes for ISO/IEC 27001 and ISO/IEC 27002.

It is built for four uses:

  1. Exam review — concise cues, common traps, and comparison tables.
  2. ISMS implementation — practical guidance, ownership models, templates, and control examples.
  3. Audit preparation — evidence lists, interview questions, and internal audit checklists.
  4. Risk management mapping — ISO/IEC 27005-style risk logic connected to implementation, audit evidence, and control selection.

Covered so far

Fundamentals

Guide layers

Reference examples

Annex A.5 Organizational controls

Exam and quiz notes

Note style

Each control note follows this pattern where possible:

# ISO 27001 A.x.x - Control Name
## Requirement
## Plain-language meaning
## Why this matters
## Implementation guidance
## Audit guidance
## Evidence examples
## Common failures
## Exam traps
## KB-ready summary
## Templates and checklists

These notes paraphrase and explain the material instead of reproducing long passages from standards or course content. Exact control wording is kept brief where provided in the study material.

  • Iso27001
  • Isms
  • Moc

Note Metadata

Aliases: Start Here

Source: 00 Start Here.md

Graph-sourced resources

Templates and evidence

Auditor evidence packs

Evidence collections and audit-facing verification material.

Risk treatment artifacts

Risk records, mappings, and treatment-supporting references.