127 controls distributed within 10 categories

1. 1. Information security policy
   2. Organizational security
   3. Asset classification and control
   4. Personnel security
   5. Physical & environmental security
   6. Communication & operations management
   7. Access control
   8. System development & maintenance
   9. Business continuity management
   10. Compliance

Uses a Plan/Do/Check/Act implementation and operation model that starts with a risk assessment to established the required security controls needed to adequately manage information security risks within the business processes

Used in conjunction with BS7799, it also establish documentation, revision, communication, training, auditing and continuous improvement requirements.

https://www.bestitdocuments.com/Samples