====== Cyber Security - Information Security Controls - Organization Controls ======

  * Policies for information security.
  * Information for security roles and responsibilities.
  * Segregation of duties.
  * Management responsibilities.
  * Contact with authorities.
  * Contact with special interest groups.
  * Threat intelligence.
  * Information in project management.
  * Inventory of information and other associated assets.
  * Acceptable use of information and other associated assets.
  * Return of assets.
  * Classification of information.
  * Labeling of information.
  * Information transfer.
  * Access control.
  * Identity management.
  * Authentication information.
  * Access rights.
  * Information security in supplier relationships.