ISO27001 Research
442 published notes grouped into 9 domains.
Guide path
Use domains before opening individual notes
ISMS requirements, Annex A control domains, implementation guidance, evidence packs, and audit-ready templates. Each domain page explains the area first, then groups controls, templates, evidence packs, crosswalks, and related guide notes.
Domains
Choose a domain
Overview & fundamentals
11 notesStart here for the ISMS model, Statement of Applicability, policy structure, roles, and core implementation concepts.
Clauses 4-10
9 notesThe management-system clauses that define context, leadership, planning, support, operations, evaluation, and improvement.
Annex A Organizational Controls
188 notesA.5 controls for governance, policies, suppliers, incidents, business continuity, legal requirements, and information handling.
Annex A People Controls
42 notesA.6 controls for screening, employment terms, awareness, disciplinary process, termination, confidentiality, remote work, and reporting.
Annex A Physical Controls
72 notesA.7 controls for physical perimeters, entry, secure areas, monitoring, environmental threats, equipment placement, and clear desk/screen.
Implementation Guides
65 notesPractitioner guidance for turning ISO requirements into implementation plans, operating artifacts, and control ownership.
Audit Evidence
270 notesEvidence packs, audit questions, implementation proof, registers, and records that help prove controls are operating.
Risk & crosswalks
6 notesRisk treatment, ISO 27005 links, GRC mappings, control relationships, and cross-framework translation notes.
Exam preparation
41 notesStudy notes and control distinction cues for ISO 27001, ISO 27002, and ISO 27005 learning paths.