S 1 Common aspects

S 1.0 Security management

S 1.1 Organisation

S 1.2 Personnel

S 1.3 Business continuity management

S 1.4 Data backup policy

S 1.5 Data protection

S 1.6 Protection against malware

S 1.7 Crypto-concept

S 1.8 Handling security incidents

S 1.9 Hardware and software management

S 1.10 Standard software

S 1.11 Outsourcing

S 1.12 Archiving

S 1.13 Information security awareness and training

S 1.14 Patch and change management

S 1.15 Deleting and destroying data

S 1.16 Compliance management