ISO 27001 Control Mapping
Objective
Map implemented controls to ISO 27001 Annex A categories to ensure structural alignment with recognized standards.
Mapping Approach
Each internal control is associated with:
- ISO control reference
- Control objective
- Implementation evidence
Example
- Internal Control: AC-01 – SSH Hardening
- ISO Reference: A.5.15 Access Control
- Evidence: Configuration review, firewall rules
Purpose of Mapping
- Improve traceability
- Prepare audit simulation
- Identify structural gaps