6.4.2.1
Management responsibilities
The control, implementation guidance and other information stated in ISO/IEC 27002:2013, 7.2.1 applies
6.4.2.2
Information security awareness, education and training
The control, implementation guidance and other information stated in ISO/IEC 27002:2013, 7.2.2 and the
following additional guidance applies:
6.4.2.3
Disciplinary procedures
The control, implementation guidance and other information stated in ISO/IEC 27002:2013, 7.2.3 applies.