Glossary of Compliance

ISO 27001 Domains

ISO 27001 is divided into 14 domains. Dividing the standard this way gives a more structured approach to a holistic framework, and each domain covers a significant part of the standard's objectives.

The ISO 27001 domains are:

  • Risk Assessment and Management
  • Security Policy Development
  • Organizational Security
  • Human Resource Security
  • Asset Management
  • Access Control
  • Cryptography
  • Physical and Environmental Security
  • Operations Security
  • Communications Security
  • System Acquisition, Development and Maintenance
  • Supplier Relationships
  • Information Security Incident Management
  • Business Continuity Management

Together, these domains secure personnel, data, controls, and systems; establish incident response strategies for potential breach scenarios; and help maintain consistency across operations and the wider enterprise environment.
