ISO 27001 4 - Context of the organization 5 - Leadership 6 - Planning 7 - Support 8 - Operation 9 - Performance evaluation 10 - Improvement A.5 - Information security policies A.6 - People controls A.7 - Physical controls A.8 - Technological controls