Skip to main content

Table 5 Percentage of sub-controls addressed per control

From: Mapping the coverage of security controls in cyber insurance proposal forms

ISO control

Percentage

Section 6: Organization of information security

37.50%

Section 7: Human resource security

34.70%

Section 8: Asset management

42.70%

Section 9: Access control

28.10%

Section 10: Cryptography

75%

Section 11: Physical and environmental security

35.40%

Section 12: Operations management

38.70%

Section 13 Communications security

14.60%

Section 14: System acquisition, development

6.90%

and maintenance

 

Section 15: Supplier relationships

29.20%

Section 16: Info security incident management

16.70%

Section 17: Business continuity management

50%

Section 18: Compliance

68.80%