COM — Compliance (COM)
4 criteria in the Compliance (COM) area
COM-01Identification of applicable legal, regulatory, self-imposed or contractual requirements
COM-02Policy for planning and conducting audits
COM-03Internal audits of the information security management system
COM-04Information on information security performance and management assessment of the ISMS