cl_6Level 1

Clause 6 - Planning

Clause 6 of ISO/IEC 27001:2022 specifies the planning activities required for an information security management system, mandating a risk assessment and treatment process, the definition of measurable security objectives, and the integration of these objectives into the organization's overall ISMS framework. It directs organizations to document how risks will be addressed, allocate resources, and establish criteria for monitoring and reviewing the effectiveness of security controls.

GET/api/v1/systems/reg_iso_27001/nodes/cl_6

Manual TranscriptionProprietary (ISO copyright)Source

Hierarchy Explorer

Hierarchy ExplorerChevron to expand - click title to open

6_16.1 Actions to address risks and opportunities

6_26.2 Information security objectives

6_36.3 Planning of changes

Cross-system equivalences0

No cross-system equivalences mapped for this node.

Report a data issue