1
Scope
2 References
3 Definitions
4 Abbreviations
5 Overview
5.1 General
5.2 Process approach
5.3 Compatibility with other
management system standards
6 Information security management
system specification
6.1 General
6.2 Information security management
system processes
6.3 Documentation system
7 Management responsibility
7.1 Management commitment
7.2 Resource management
8 Management reviews
8.1 General
8.2 Review input
8.3 Review output
8.4 Internal ISMS audits
9 ISMS improvement
9.1 Continual improvement
9.2 Corrective action
9.3 Preventive action
Annex A – A set of controls customized to telecommunication
requirements
A.1 Introduction
A.2 Organizational security
A.3 Asset management
A.4 Personnel security
A.5 Physical and environmental security
A.6 Communications and operations
management
A.7 Access control
A.8 System
development and maintenance