Organizational Controls (Clause 5)

Management should require all personnel to apply information security in accordance with the established information security policy, topic-specific policies and procedures of the organization.


Login