Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » ISO 27001 » ISO 27001 Domains

ISO 27001 Domains

The ISO 27001 is divided into 14 domains. The reason why ISO 27001 is divided into these domains is that it gives a more structured approach towards a holistic framework, and each one of these domains handles a significant part of the objectives.

ISO 27001 Domains are: 

  • Risk Assessment and Management
  • Security Policy Development
  • Organizational Security
  • Human Resource Security 
  • Asset Management 
  • Access Control
  • Cryptography 
  • Physical and Environmental Security
  • Operations Security
  • Communications Security
  • System Acquisition
  • Development and Maintenance
  • Supplier Relationships
  • Information Security Incident Management
  • Business Continuity Management

These domains ensure personnel, data, controls, and systems security, develop incident response strategies for potential breach scenarios and help maintain consistency throughout the operations and your overall enterprise environment.

Additional reading

The 8 Best ISO 27001 Software to Consider in 2026

TL;DR Most ISO 27001 tools offer similar core features, but they differ significantly in automation depth, usability, scalability, and engineering impact. Sprinto and Delve lead in hands-off automation, with Sprinto standing out for real-time monitoring, agentic AI, and deep integration coverage. Drata and Vanta offer strong automation for scaling SaaS companies, while Hyperproof and ISMS.online…

Internal Control Audit: Evaluating Your Control Environment

Amidst the dance of commerce, the internal control system is a silent watchdog. It does not always make the headlines in case of breaches or system crashes, but the consequences can be devastating when controls are not in place.  Case in point: A fine of $136 million was levied on Citigroup by the US regulatory…

What is COBIT – 6 Steps to implement COBIT Framework

As organizations increasingly rely on IT and rapidly transition to the cloud, a structured approach to IT governance is more critical than ever. It can drive innovation, optimize resources, and enhance customer experience. However, if mismanaged, it can become a source of high risk. Enter Control Objectives for Information and Related Technology (COBIT) framework. The…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales