4 sections · 243 audit questions · every article, annex and clause · v2022-02-15
This page lists every regulatory leaf of ISO/IEC 27002 in the order it appears in the regulation — each article, annex and clause. The audit checklist treats every leaf as a separate audit row, including the permissive ones.
Click a row's citation to jump to it. The audit-question count shows how many auditable rows the checklist generates from that leaf (zero means the leaf is informational only).
| Citation | Kind | Title | Audit questions |
|---|---|---|---|
| A.5 Organizational controls | Control | Organizational controls | 106 |
| A.6 People controls | Control | People controls | 20 |
| A.7 Physical controls | Control | Physical controls | 32 |
| A.8 Technological controls | Control | Technological controls | 85 |
The Compliance Matrix is the verification document — every paragraph in scope on one PDF. The audit checklist bundle is the per-question working document (243 questions, 5 artefact formats).