...
- ISO/IEC 27001:2013 Annex A
- CIS Critical Security Controls
Some countries may have their own There may be control sets , for example the specific for your country. The UK specifies five controls for basic cyber hygine hygiene in the Cyber Essentials standard, and controls/objectives for operators of essential services under the NIS Directive are published by NCSC.
Particular domains for example, scientific collaboration environments, Domains and activities may also have their own control sets, for example in : scientific collaboration environments have https://www.eugridpma.org/sci/. The telecommunications sector has , telecommunications sector ISO/IEC 27011, and cloud computing has ISO/IEC 27017
ISO/IEC 27001:2013 allows you to select controls from any source, but you must justify the exclusion of any controls from Annex A which you have chosen not to implement, to ensure that no necessary controls are overlooked.
...