ISO 22340

The scope of the project is described in the draft document ISO 22340 as: This document gives guidance on the enterprise protective security architecture and the framework of protective security policies, processes and controls necessary to mitigate and manage security risks across the protective security domains, including: a) security governance; b) personnel security; c) information security; d) cyber security; e) physical security. This document is applicable for any organization.