Date: Jul 11, 2022, 11:46:47 AM
Date: Aug 3, 2022, 11:47:18 AM
Editor: Juan
Editor: Juan
Name: ISO/IEC 27701 [2019]
Name: ISO/IEC 27701 [2019]
Description: Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management
Description: Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management

f1{f1{
2    "authors": [2    "authors": [
3        "Jeremy Dannenmuller"3        "Jeremy Dannenmuller"
4    ],4    ],
5    "label": "ISO/IEC 27701 [2019]",5    "label": "ISO/IEC 27701 [2019]",
6    "language": "EN",6    "language": "EN",
t7    "refs": null,t7    "refs": "https://www.iso.org/standard/71670.html",
8    "uuid": "f65b378c-ab20-4651-825b-4da34944b519",8    "uuid": "f65b378c-ab20-4651-825b-4da34944b519",
9    "values": [9    "values": [
10        {10        {
11            "category": "Information security aspects of business continuity management",11            "category": "Information security aspects of business continuity management",
12            "code": "6.14.2.1",12            "code": "6.14.2.1",
13            "label": "Availability of information processing facilities",13            "label": "Availability of information processing facilities",
14            "referential": "f65b378c-ab20-4651-825b-4da34944b519",14            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
15            "referential_label": "ISO 27701",15            "referential_label": "ISO 27701",
16            "uuid": "00cb20cc-21a0-417a-9782-ed6587f1d6f5"16            "uuid": "00cb20cc-21a0-417a-9782-ed6587f1d6f5"
17        },17        },
18        {18        {
19            "category": "Information security policies",19            "category": "Information security policies",
20            "code": "6.2.1.1",20            "code": "6.2.1.1",
21            "label": "Policies for information security",21            "label": "Policies for information security",
22            "referential": "f65b378c-ab20-4651-825b-4da34944b519",22            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
23            "referential_label": "ISO 27701",23            "referential_label": "ISO 27701",
24            "uuid": "0225b44b-be7a-4cce-a4db-1d804e4d47c8"24            "uuid": "0225b44b-be7a-4cce-a4db-1d804e4d47c8"
25        },25        },
26        {26        {
27            "category": "Improvement",27            "category": "Improvement",
28            "code": "5.8.2",28            "code": "5.8.2",
29            "label": "Continual improvement",29            "label": "Continual improvement",
30            "referential": "f65b378c-ab20-4651-825b-4da34944b519",30            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
31            "referential_label": "ISO 27701",31            "referential_label": "ISO 27701",
32            "uuid": "029a9fae-c6a4-4b3c-8487-2ed20996a951"32            "uuid": "029a9fae-c6a4-4b3c-8487-2ed20996a951"
33        },33        },
34        {34        {
35            "category": "Communication security",35            "category": "Communication security",
36            "code": "6.10.2.3",36            "code": "6.10.2.3",
37            "label": "Electronic messaging",37            "label": "Electronic messaging",
38            "referential": "f65b378c-ab20-4651-825b-4da34944b519",38            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
39            "referential_label": "ISO 27701",39            "referential_label": "ISO 27701",
40            "uuid": "0320a79e-6c9f-45e3-90a0-c360e8f57b45"40            "uuid": "0320a79e-6c9f-45e3-90a0-c360e8f57b45"
41        },41        },
42        {42        {
43            "category": "PII sharing transfer and disclosure",43            "category": "PII sharing transfer and disclosure",
44            "code": "B.8.5.8",44            "code": "B.8.5.8",
45            "label": "Change of subcontractor to process PII",45            "label": "Change of subcontractor to process PII",
46            "referential": "f65b378c-ab20-4651-825b-4da34944b519",46            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
47            "referential_label": "ISO 27701",47            "referential_label": "ISO 27701",
48            "uuid": "0637458d-cb4d-47aa-9553-d3e86757aaaa"48            "uuid": "0637458d-cb4d-47aa-9553-d3e86757aaaa"
49        },49        },
50        {50        {
51            "category": "Physical and environment security",51            "category": "Physical and environment security",
52            "code": "6.8.1.3",52            "code": "6.8.1.3",
53            "label": "Securing offices rooms and facilities",53            "label": "Securing offices rooms and facilities",
54            "referential": "f65b378c-ab20-4651-825b-4da34944b519",54            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
55            "referential_label": "ISO 27701",55            "referential_label": "ISO 27701",
56            "uuid": "066dee47-1f12-4243-94bd-a89fbde7fd31"56            "uuid": "066dee47-1f12-4243-94bd-a89fbde7fd31"
57        },57        },
58        {58        {
59            "category": "Conditions for collection and processing",59            "category": "Conditions for collection and processing",
60            "code": "A.7.2.3",60            "code": "A.7.2.3",
61            "label": "Determine when and how consent is to be obtained",61            "label": "Determine when and how consent is to be obtained",
62            "referential": "f65b378c-ab20-4651-825b-4da34944b519",62            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
63            "referential_label": "ISO 27701",63            "referential_label": "ISO 27701",
64            "uuid": "06c65ef3-fc74-4e9f-b923-bc4b8da06454"64            "uuid": "06c65ef3-fc74-4e9f-b923-bc4b8da06454"
65        },65        },
66        {66        {
67            "category": "Asset Management",67            "category": "Asset Management",
68            "code": "6.5.1.2",68            "code": "6.5.1.2",
69            "label": "Ownership of Assets",69            "label": "Ownership of Assets",
70            "referential": "f65b378c-ab20-4651-825b-4da34944b519",70            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
71            "referential_label": "ISO 27701",71            "referential_label": "ISO 27701",
72            "uuid": "06eed3d5-8e62-42ff-a727-aee4d27a21a3"72            "uuid": "06eed3d5-8e62-42ff-a727-aee4d27a21a3"
73        },73        },
74        {74        {
75            "category": "Access control",75            "category": "Access control",
76            "code": "6.6.2.2",76            "code": "6.6.2.2",
77            "label": "User access provisionning",77            "label": "User access provisionning",
78            "referential": "f65b378c-ab20-4651-825b-4da34944b519",78            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
79            "referential_label": "ISO 27701",79            "referential_label": "ISO 27701",
80            "uuid": "0769cff8-adbc-4d3a-921d-622fbce40473"80            "uuid": "0769cff8-adbc-4d3a-921d-622fbce40473"
81        },81        },
82        {82        {
83            "category": "Organisation of information security",83            "category": "Organisation of information security",
84            "code": "6.3.1.2",84            "code": "6.3.1.2",
85            "label": "Segregation of duties",85            "label": "Segregation of duties",
86            "referential": "f65b378c-ab20-4651-825b-4da34944b519",86            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
87            "referential_label": "ISO 27701",87            "referential_label": "ISO 27701",
88            "uuid": "085873ce-e760-40cd-80a4-6f402785696f"88            "uuid": "085873ce-e760-40cd-80a4-6f402785696f"
89        },89        },
90        {90        {
91            "category": "Obligations to PII principals",91            "category": "Obligations to PII principals",
92            "code": "A.7.3.2",92            "code": "A.7.3.2",
93            "label": "Determining information for PII principals",93            "label": "Determining information for PII principals",
94            "referential": "f65b378c-ab20-4651-825b-4da34944b519",94            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
95            "referential_label": "ISO 27701",95            "referential_label": "ISO 27701",
96            "uuid": "087dde64-823a-495c-92ec-8a282577821f"96            "uuid": "087dde64-823a-495c-92ec-8a282577821f"
97        },97        },
98        {98        {
99            "category": "Context of the organization",99            "category": "Context of the organization",
100            "code": "5.2.4",100            "code": "5.2.4",
101            "label": "Information security management system",101            "label": "Information security management system",
102            "referential": "f65b378c-ab20-4651-825b-4da34944b519",102            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
103            "referential_label": "ISO 27701",103            "referential_label": "ISO 27701",
104            "uuid": "0af7c1ab-dad9-4aa2-aefb-4e5dbf4805c7"104            "uuid": "0af7c1ab-dad9-4aa2-aefb-4e5dbf4805c7"
105        },105        },
106        {106        {
107            "category": "Access control",107            "category": "Access control",
108            "code": "6.6.4.2",108            "code": "6.6.4.2",
109            "label": "Secure log-on procedures",109            "label": "Secure log-on procedures",
110            "referential": "f65b378c-ab20-4651-825b-4da34944b519",110            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
111            "referential_label": "ISO 27701",111            "referential_label": "ISO 27701",
112            "uuid": "0d503be4-a66d-4f49-b960-a987f6aface6"112            "uuid": "0d503be4-a66d-4f49-b960-a987f6aface6"
113        },113        },
114        {114        {
115            "category": "Organisation of information security",115            "category": "Organisation of information security",
116            "code": "6.3.1.5",116            "code": "6.3.1.5",
117            "label": "Information security in project management",117            "label": "Information security in project management",
118            "referential": "f65b378c-ab20-4651-825b-4da34944b519",118            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
119            "referential_label": "ISO 27701",119            "referential_label": "ISO 27701",
120            "uuid": "0e6f5f89-2755-4448-8183-da973df45b83"120            "uuid": "0e6f5f89-2755-4448-8183-da973df45b83"
121        },121        },
122        {122        {
123            "category": "PII sharing transfer and disclosure",123            "category": "PII sharing transfer and disclosure",
124            "code": "B.8.5.1",124            "code": "B.8.5.1",
125            "label": "Basis for PII transfer between jurisdictions",125            "label": "Basis for PII transfer between jurisdictions",
126            "referential": "f65b378c-ab20-4651-825b-4da34944b519",126            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
127            "referential_label": "ISO 27701",127            "referential_label": "ISO 27701",
128            "uuid": "0f6b0b0e-403e-4695-9c32-8bdd4ad17718"128            "uuid": "0f6b0b0e-403e-4695-9c32-8bdd4ad17718"
129        },129        },
130        {130        {
131            "category": "Asset Management",131            "category": "Asset Management",
132            "code": "6.5.1.1",132            "code": "6.5.1.1",
133            "label": "Inventory of Assets",133            "label": "Inventory of Assets",
134            "referential": "f65b378c-ab20-4651-825b-4da34944b519",134            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
135            "referential_label": "ISO 27701",135            "referential_label": "ISO 27701",
136            "uuid": "0fd4927b-596a-42f6-b155-052785edbfc5"136            "uuid": "0fd4927b-596a-42f6-b155-052785edbfc5"
137        },137        },
138        {138        {
139            "category": "Operations security",139            "category": "Operations security",
140            "code": "6.9.1.3",140            "code": "6.9.1.3",
141            "label": "Capacity management",141            "label": "Capacity management",
142            "referential": "f65b378c-ab20-4651-825b-4da34944b519",142            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
143            "referential_label": "ISO 27701",143            "referential_label": "ISO 27701",
144            "uuid": "103a6955-e9f8-4b66-91ba-bf2cc0e0e8fe"144            "uuid": "103a6955-e9f8-4b66-91ba-bf2cc0e0e8fe"
145        },145        },
146        {146        {
147            "category": "Compliance",147            "category": "Compliance",
148            "code": "6.15.1.2",148            "code": "6.15.1.2",
149            "label": "Intellectual property rights",149            "label": "Intellectual property rights",
150            "referential": "f65b378c-ab20-4651-825b-4da34944b519",150            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
151            "referential_label": "ISO 27701",151            "referential_label": "ISO 27701",
152            "uuid": "1285dd9e-108d-4ecf-bccf-8a3f4807963a"152            "uuid": "1285dd9e-108d-4ecf-bccf-8a3f4807963a"
153        },153        },
154        {154        {
155            "category": "Privacy by design and privacy by default",155            "category": "Privacy by design and privacy by default",
156            "code": "B.8.4.3",156            "code": "B.8.4.3",
157            "label": "PII transmission controls",157            "label": "PII transmission controls",
158            "referential": "f65b378c-ab20-4651-825b-4da34944b519",158            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
159            "referential_label": "ISO 27701",159            "referential_label": "ISO 27701",
160            "uuid": "1416da16-528c-45f4-b1b9-6a305ae1c81f"160            "uuid": "1416da16-528c-45f4-b1b9-6a305ae1c81f"
161        },161        },
162        {162        {
163            "category": "Systems acquisition development and maintenance",163            "category": "Systems acquisition development and maintenance",
164            "code": "6.11.2.6",164            "code": "6.11.2.6",
165            "label": "Secure Development Environment",165            "label": "Secure Development Environment",
166            "referential": "f65b378c-ab20-4651-825b-4da34944b519",166            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
167            "referential_label": "ISO 27701",167            "referential_label": "ISO 27701",
168            "uuid": "16b30180-3754-43da-8bdb-9528fc5e6cde"168            "uuid": "16b30180-3754-43da-8bdb-9528fc5e6cde"
169        },169        },
170        {170        {
171            "category": "Asset Management",171            "category": "Asset Management",
172            "code": "6.5.1.4",172            "code": "6.5.1.4",
173            "label": "Return of Assets",173            "label": "Return of Assets",
174            "referential": "f65b378c-ab20-4651-825b-4da34944b519",174            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
175            "referential_label": "ISO 27701",175            "referential_label": "ISO 27701",
176            "uuid": "18c97f9e-20c9-48a4-b1db-b3ba08a6fd4a"176            "uuid": "18c97f9e-20c9-48a4-b1db-b3ba08a6fd4a"
177        },177        },
178        {178        {
179            "category": "Systems acquisition development and maintenance",179            "category": "Systems acquisition development and maintenance",
180            "code": "6.11.2.8",180            "code": "6.11.2.8",
181            "label": "System security testing",181            "label": "System security testing",
182            "referential": "f65b378c-ab20-4651-825b-4da34944b519",182            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
183            "referential_label": "ISO 27701",183            "referential_label": "ISO 27701",
184            "uuid": "190024e1-afae-4346-b094-9f84f6d2e759"184            "uuid": "190024e1-afae-4346-b094-9f84f6d2e759"
185        },185        },
186        {186        {
187            "category": "Human resources security",187            "category": "Human resources security",
188            "code": "6.4.1.2",188            "code": "6.4.1.2",
189            "label": "Terms and conditions of employment",189            "label": "Terms and conditions of employment",
190            "referential": "f65b378c-ab20-4651-825b-4da34944b519",190            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
191            "referential_label": "ISO 27701",191            "referential_label": "ISO 27701",
192            "uuid": "19e032bb-b8b3-40a1-b976-4ac29f8ef613"192            "uuid": "19e032bb-b8b3-40a1-b976-4ac29f8ef613"
193        },193        },
194        {194        {
195            "category": "Privacy by design and privacy by default",195            "category": "Privacy by design and privacy by default",
196            "code": "A.7.4.6",196            "code": "A.7.4.6",
197            "label": "Temporary files",197            "label": "Temporary files",
198            "referential": "f65b378c-ab20-4651-825b-4da34944b519",198            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
199            "referential_label": "ISO 27701",199            "referential_label": "ISO 27701",
200            "uuid": "1ad68deb-f72a-4f4c-816b-fb755544777e"200            "uuid": "1ad68deb-f72a-4f4c-816b-fb755544777e"
201        },201        },
202        {202        {
203            "category": "Compliance",203            "category": "Compliance",
204            "code": "6.15.2.2",204            "code": "6.15.2.2",
205            "label": "Compliance with security policies and standards",205            "label": "Compliance with security policies and standards",
206            "referential": "f65b378c-ab20-4651-825b-4da34944b519",206            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
207            "referential_label": "ISO 27701",207            "referential_label": "ISO 27701",
208            "uuid": "1bdbc783-3069-42f5-a4f7-745c0290be02"208            "uuid": "1bdbc783-3069-42f5-a4f7-745c0290be02"
209        },209        },
210        {210        {
211            "category": "Systems acquisition development and maintenance",211            "category": "Systems acquisition development and maintenance",
212            "code": "6.11.2.2",212            "code": "6.11.2.2",
213            "label": "System change control procedures",213            "label": "System change control procedures",
214            "referential": "f65b378c-ab20-4651-825b-4da34944b519",214            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
215            "referential_label": "ISO 27701",215            "referential_label": "ISO 27701",
216            "uuid": "1d0c7281-35c6-403c-9c9b-40e9826e73e3"216            "uuid": "1d0c7281-35c6-403c-9c9b-40e9826e73e3"
217        },217        },
218        {218        {
219            "category": "Compliance",219            "category": "Compliance",
220            "code": "6.15.1.5",220            "code": "6.15.1.5",
221            "label": "Regulation of cryptographic controls",221            "label": "Regulation of cryptographic controls",
222            "referential": "f65b378c-ab20-4651-825b-4da34944b519",222            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
223            "referential_label": "ISO 27701",223            "referential_label": "ISO 27701",
224            "uuid": "1d6c8b29-418c-4a68-89e8-55ce63bed691"224            "uuid": "1d6c8b29-418c-4a68-89e8-55ce63bed691"
225        },225        },
226        {226        {
227            "category": "Access control",227            "category": "Access control",
228            "code": "6.6.2.1",228            "code": "6.6.2.1",
229            "label": "User registration and de-registration",229            "label": "User registration and de-registration",
230            "referential": "f65b378c-ab20-4651-825b-4da34944b519",230            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
231            "referential_label": "ISO 27701",231            "referential_label": "ISO 27701",
232            "uuid": "1ee8390e-ebeb-4253-ae87-49358ff8730f"232            "uuid": "1ee8390e-ebeb-4253-ae87-49358ff8730f"
233        },233        },
234        {234        {
235            "category": "Conditions for collection and processing",235            "category": "Conditions for collection and processing",
236            "code": "A.7.2.4",236            "code": "A.7.2.4",
237            "label": "Obtain and record consent",237            "label": "Obtain and record consent",
238            "referential": "f65b378c-ab20-4651-825b-4da34944b519",238            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
239            "referential_label": "ISO 27701",239            "referential_label": "ISO 27701",
240            "uuid": "1f597457-a336-4e09-b660-2a680154b8b0"240            "uuid": "1f597457-a336-4e09-b660-2a680154b8b0"
241        },241        },
242        {242        {
243            "category": "Support",243            "category": "Support",
244            "code": "5.5.1",244            "code": "5.5.1",
245            "label": "Resources",245            "label": "Resources",
246            "referential": "f65b378c-ab20-4651-825b-4da34944b519",246            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
247            "referential_label": "ISO 27701",247            "referential_label": "ISO 27701",
248            "uuid": "1fc549c9-c0dd-407a-9648-c3fe0869bc67"248            "uuid": "1fc549c9-c0dd-407a-9648-c3fe0869bc67"
249        },249        },
250        {250        {
251            "category": "Access control",251            "category": "Access control",
252            "code": "6.6.4.5",252            "code": "6.6.4.5",
253            "label": "Access control to program source code",253            "label": "Access control to program source code",
254            "referential": "f65b378c-ab20-4651-825b-4da34944b519",254            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
255            "referential_label": "ISO 27701",255            "referential_label": "ISO 27701",
256            "uuid": "203fb144-2604-4162-b5c9-f40d22ba2fee"256            "uuid": "203fb144-2604-4162-b5c9-f40d22ba2fee"
257        },257        },
258        {258        {
259            "category": "Information security incident management",259            "category": "Information security incident management",
260            "code": "6.13.1.7",260            "code": "6.13.1.7",
261            "label": "Collection of evidence",261            "label": "Collection of evidence",
262            "referential": "f65b378c-ab20-4651-825b-4da34944b519",262            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
263            "referential_label": "ISO 27701",263            "referential_label": "ISO 27701",
264            "uuid": "238e2cbd-9c07-4f08-b2f5-1f43df4a4c11"264            "uuid": "238e2cbd-9c07-4f08-b2f5-1f43df4a4c11"
265        },265        },
266        {266        {
267            "category": "Improvement",267            "category": "Improvement",
268            "code": "5.8.1",268            "code": "5.8.1",
269            "label": "Nonconformity and corrective action",269            "label": "Nonconformity and corrective action",
270            "referential": "f65b378c-ab20-4651-825b-4da34944b519",270            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
271            "referential_label": "ISO 27701",271            "referential_label": "ISO 27701",
272            "uuid": "256ae75a-a97f-46c8-b022-e4525a52c177"272            "uuid": "256ae75a-a97f-46c8-b022-e4525a52c177"
273        },273        },
274        {274        {
275            "category": "Access control",275            "category": "Access control",
276            "code": "6.6.2.4",276            "code": "6.6.2.4",
277            "label": "Management of secret authentication information of users",277            "label": "Management of secret authentication information of users",
278            "referential": "f65b378c-ab20-4651-825b-4da34944b519",278            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
279            "referential_label": "ISO 27701",279            "referential_label": "ISO 27701",
280            "uuid": "27b2e55d-2709-4a74-b75f-89ffa80b0096"280            "uuid": "27b2e55d-2709-4a74-b75f-89ffa80b0096"
281        },281        },
282        {282        {
283            "category": "Actions to address risks and opportunities",283            "category": "Actions to address risks and opportunities",
284            "code": "5.4.1.2",284            "code": "5.4.1.2",
285            "label": "Information Security Risk Assessment",285            "label": "Information Security Risk Assessment",
286            "referential": "f65b378c-ab20-4651-825b-4da34944b519",286            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
287            "referential_label": "ISO 27701",287            "referential_label": "ISO 27701",
288            "uuid": "28849802-7b7e-46dd-b720-b2bc4db6a67b"288            "uuid": "28849802-7b7e-46dd-b720-b2bc4db6a67b"
289        },289        },
290        {290        {
291            "category": "Organisation of information security",291            "category": "Organisation of information security",
292            "code": "6.3.1.4",292            "code": "6.3.1.4",
293            "label": "Contact with special interest groups",293            "label": "Contact with special interest groups",
294            "referential": "f65b378c-ab20-4651-825b-4da34944b519",294            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
295            "referential_label": "ISO 27701",295            "referential_label": "ISO 27701",
296            "uuid": "2a8bce28-154e-4d0d-b829-fee0cd93f861"296            "uuid": "2a8bce28-154e-4d0d-b829-fee0cd93f861"
297        },297        },
298        {298        {
299            "category": "Information security aspects of business continuity management",299            "category": "Information security aspects of business continuity management",
300            "code": "6.14.1.3",300            "code": "6.14.1.3",
301            "label": "Verify review and evaluate information security continuity",301            "label": "Verify review and evaluate information security continuity",
302            "referential": "f65b378c-ab20-4651-825b-4da34944b519",302            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
303            "referential_label": "ISO 27701",303            "referential_label": "ISO 27701",
304            "uuid": "2a93cf52-ffa5-4da5-85b2-ad39d456cb0d"304            "uuid": "2a93cf52-ffa5-4da5-85b2-ad39d456cb0d"
305        },305        },
306        {306        {
307            "category": "Information security policies",307            "category": "Information security policies",
308            "code": "6.2.1.2",308            "code": "6.2.1.2",
309            "label": "Review of the policies for information security",309            "label": "Review of the policies for information security",
310            "referential": "f65b378c-ab20-4651-825b-4da34944b519",310            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
311            "referential_label": "ISO 27701",311            "referential_label": "ISO 27701",
312            "uuid": "2abce681-3b58-4c4f-ae56-03eba536e201"312            "uuid": "2abce681-3b58-4c4f-ae56-03eba536e201"
313        },313        },
314        {314        {
315            "category": "Physical and environment security",315            "category": "Physical and environment security",
316            "code": "6.8.1.4",316            "code": "6.8.1.4",
317            "label": "Protecting against external and environmental threats",317            "label": "Protecting against external and environmental threats",
318            "referential": "f65b378c-ab20-4651-825b-4da34944b519",318            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
319            "referential_label": "ISO 27701",319            "referential_label": "ISO 27701",
320            "uuid": "2c979e09-e057-4cb5-b6b7-800842783110"320            "uuid": "2c979e09-e057-4cb5-b6b7-800842783110"
321        },321        },
322        {322        {
323            "category": "Compliance",323            "category": "Compliance",
324            "code": "6.15.2.1",324            "code": "6.15.2.1",
325            "label": "Independent review of information security",325            "label": "Independent review of information security",
326            "referential": "f65b378c-ab20-4651-825b-4da34944b519",326            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
327            "referential_label": "ISO 27701",327            "referential_label": "ISO 27701",
328            "uuid": "2f712e97-a7bc-40cb-9552-216fd30ef148"328            "uuid": "2f712e97-a7bc-40cb-9552-216fd30ef148"
329        },329        },
330        {330        {
331            "category": "Privacy by design and privacy by default",331            "category": "Privacy by design and privacy by default",
332            "code": "B.8.4.2",332            "code": "B.8.4.2",
333            "label": "Return transfer or disposal of PII",333            "label": "Return transfer or disposal of PII",
334            "referential": "f65b378c-ab20-4651-825b-4da34944b519",334            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
335            "referential_label": "ISO 27701",335            "referential_label": "ISO 27701",
336            "uuid": "30525d18-fe33-4813-9519-7816bce5723f"336            "uuid": "30525d18-fe33-4813-9519-7816bce5723f"
337        },337        },
338        {338        {
339            "category": "Information security incident management",339            "category": "Information security incident management",
340            "code": "6.13.1.1",340            "code": "6.13.1.1",
341            "label": "Responsibilities and procedures",341            "label": "Responsibilities and procedures",
342            "referential": "f65b378c-ab20-4651-825b-4da34944b519",342            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
343            "referential_label": "ISO 27701",343            "referential_label": "ISO 27701",
344            "uuid": "30817081-369d-410d-8db7-25f43a1abd43"344            "uuid": "30817081-369d-410d-8db7-25f43a1abd43"
345        },345        },
346        {346        {
347            "category": "Systems acquisition development and maintenance",347            "category": "Systems acquisition development and maintenance",
348            "code": "6.11.1.2",348            "code": "6.11.1.2",
349            "label": "Securing application services on public networks",349            "label": "Securing application services on public networks",
350            "referential": "f65b378c-ab20-4651-825b-4da34944b519",350            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
351            "referential_label": "ISO 27701",351            "referential_label": "ISO 27701",
352            "uuid": "35ef0801-fa39-478f-94a4-cffaf3f2107c"352            "uuid": "35ef0801-fa39-478f-94a4-cffaf3f2107c"
353        },353        },
354        {354        {
355            "category": "Context of the organization",355            "category": "Context of the organization",
356            "code": "5.2.3",356            "code": "5.2.3",
357            "label": "Determining the scope of the information security management system",357            "label": "Determining the scope of the information security management system",
358            "referential": "f65b378c-ab20-4651-825b-4da34944b519",358            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
359            "referential_label": "ISO 27701",359            "referential_label": "ISO 27701",
360            "uuid": "36ebd0b0-ab2d-4a7e-b98a-aa048fb6c84e"360            "uuid": "36ebd0b0-ab2d-4a7e-b98a-aa048fb6c84e"
361        },361        },
362        {362        {
363            "category": "Communication security",363            "category": "Communication security",
364            "code": "6.10.1.3",364            "code": "6.10.1.3",
365            "label": "Segregation in networks",365            "label": "Segregation in networks",
366            "referential": "f65b378c-ab20-4651-825b-4da34944b519",366            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
367            "referential_label": "ISO 27701",367            "referential_label": "ISO 27701",
368            "uuid": "37d74fdf-8f6d-4197-a298-a30c646a5f53"368            "uuid": "37d74fdf-8f6d-4197-a298-a30c646a5f53"
369        },369        },
370        {370        {
371            "category": "Operations security",371            "category": "Operations security",
372            "code": "6.9.1.2",372            "code": "6.9.1.2",
373            "label": "Change management",373            "label": "Change management",
374            "referential": "f65b378c-ab20-4651-825b-4da34944b519",374            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
375            "referential_label": "ISO 27701",375            "referential_label": "ISO 27701",
376            "uuid": "389d1443-d248-4f66-b980-bbdcb50e6c15"376            "uuid": "389d1443-d248-4f66-b980-bbdcb50e6c15"
377        },377        },
378        {378        {
379            "category": "Human resources security",379            "category": "Human resources security",
380            "code": "6.4.2.2",380            "code": "6.4.2.2",
381            "label": "Information security awareness education and training",381            "label": "Information security awareness education and training",
382            "referential": "f65b378c-ab20-4651-825b-4da34944b519",382            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
383            "referential_label": "ISO 27701",383            "referential_label": "ISO 27701",
384            "uuid": "3a003a78-d047-4ac0-941c-7ad67491d421"384            "uuid": "3a003a78-d047-4ac0-941c-7ad67491d421"
385        },385        },
386        {386        {
387            "category": "Conditions for collection and processing",387            "category": "Conditions for collection and processing",
388            "code": "A.7.2.6",388            "code": "A.7.2.6",
389            "label": "Contracts with PII processors",389            "label": "Contracts with PII processors",
390            "referential": "f65b378c-ab20-4651-825b-4da34944b519",390            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
391            "referential_label": "ISO 27701",391            "referential_label": "ISO 27701",
392            "uuid": "3bbc82c8-7c23-4e11-9c3d-c8a8c19dd08c"392            "uuid": "3bbc82c8-7c23-4e11-9c3d-c8a8c19dd08c"
393        },393        },
394        {394        {
395            "category": "Privacy by design and privacy by default",395            "category": "Privacy by design and privacy by default",
396            "code": "A.7.4.2",396            "code": "A.7.4.2",
397            "label": "Limit processing",397            "label": "Limit processing",
398            "referential": "f65b378c-ab20-4651-825b-4da34944b519",398            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
399            "referential_label": "ISO 27701",399            "referential_label": "ISO 27701",
400            "uuid": "3dafed59-ef7c-43fc-814c-a17c832b319f"400            "uuid": "3dafed59-ef7c-43fc-814c-a17c832b319f"
401        },401        },
402        {402        {
403            "category": "Physical and environment security",403            "category": "Physical and environment security",
404            "code": "6.8.1.2",404            "code": "6.8.1.2",
405            "label": "Physical entry controls",405            "label": "Physical entry controls",
406            "referential": "f65b378c-ab20-4651-825b-4da34944b519",406            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
407            "referential_label": "ISO 27701",407            "referential_label": "ISO 27701",
408            "uuid": "3f68a76b-6c1d-4fcb-952e-c2e9de3d9363"408            "uuid": "3f68a76b-6c1d-4fcb-952e-c2e9de3d9363"
409        },409        },
410        {410        {
411            "category": "Support",411            "category": "Support",
412            "code": "5.5.2",412            "code": "5.5.2",
413            "label": "Competence",413            "label": "Competence",
414            "referential": "f65b378c-ab20-4651-825b-4da34944b519",414            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
415            "referential_label": "ISO 27701",415            "referential_label": "ISO 27701",
416            "uuid": "3fa8deba-8222-473b-b966-dff98dd64a3e"416            "uuid": "3fa8deba-8222-473b-b966-dff98dd64a3e"
417        },417        },
418        {418        {
419            "category": "Human resources security",419            "category": "Human resources security",
420            "code": "6.4.1.1",420            "code": "6.4.1.1",
421            "label": "Screening",421            "label": "Screening",
422            "referential": "f65b378c-ab20-4651-825b-4da34944b519",422            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
423            "referential_label": "ISO 27701",423            "referential_label": "ISO 27701",
424            "uuid": "40d912e5-c0d5-44c6-90eb-bdd3a9f7d5c4"424            "uuid": "40d912e5-c0d5-44c6-90eb-bdd3a9f7d5c4"
425        },425        },
426        {426        {
427            "category": "Obligations to PII principals",427            "category": "Obligations to PII principals",
428            "code": "A.7.3.8",428            "code": "A.7.3.8",
429            "label": "Providing copy of PII processed",429            "label": "Providing copy of PII processed",
430            "referential": "f65b378c-ab20-4651-825b-4da34944b519",430            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
431            "referential_label": "ISO 27701",431            "referential_label": "ISO 27701",
432            "uuid": "442e6409-082e-4613-b000-49d141240fc5"432            "uuid": "442e6409-082e-4613-b000-49d141240fc5"
433        },433        },
434        {434        {
435            "category": "Systems acquisition development and maintenance",435            "category": "Systems acquisition development and maintenance",
436            "code": "6.11.2.3",436            "code": "6.11.2.3",
437            "label": "Technical review of applications after operating platform changes",437            "label": "Technical review of applications after operating platform changes",
438            "referential": "f65b378c-ab20-4651-825b-4da34944b519",438            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
439            "referential_label": "ISO 27701",439            "referential_label": "ISO 27701",
440            "uuid": "4607f451-23b6-40ed-89f2-71cb91a4d282"440            "uuid": "4607f451-23b6-40ed-89f2-71cb91a4d282"
441        },441        },
442        {442        {
443            "category": "Support",443            "category": "Support",
444            "code": "5.5.5.2",444            "code": "5.5.5.2",
445            "label": "Creating and updating",445            "label": "Creating and updating",
446            "referential": "f65b378c-ab20-4651-825b-4da34944b519",446            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
447            "referential_label": "ISO 27701",447            "referential_label": "ISO 27701",
448            "uuid": "4630e54e-2bfb-462e-b88d-4392efe7f276"448            "uuid": "4630e54e-2bfb-462e-b88d-4392efe7f276"
449        },449        },
450        {450        {
451            "category": "Support",451            "category": "Support",
452            "code": "5.5.3",452            "code": "5.5.3",
453            "label": "Awareness",453            "label": "Awareness",
454            "referential": "f65b378c-ab20-4651-825b-4da34944b519",454            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
455            "referential_label": "ISO 27701",455            "referential_label": "ISO 27701",
456            "uuid": "466033e1-6c60-4db2-bf61-ebcae6645a0b"456            "uuid": "466033e1-6c60-4db2-bf61-ebcae6645a0b"
457        },457        },
458        {458        {
459            "category": "Operation",459            "category": "Operation",
460            "code": "5.6.2",460            "code": "5.6.2",
461            "label": "Information security risk assessment",461            "label": "Information security risk assessment",
462            "referential": "f65b378c-ab20-4651-825b-4da34944b519",462            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
463            "referential_label": "ISO 27701",463            "referential_label": "ISO 27701",
464            "uuid": "4c9f0ab8-778b-4c94-aea9-68921b5ad148"464            "uuid": "4c9f0ab8-778b-4c94-aea9-68921b5ad148"
465        },465        },
466        {466        {
467            "category": "Communication security",467            "category": "Communication security",
468            "code": "6.10.2.2",468            "code": "6.10.2.2",
469            "label": "Agreements on information transfer",469            "label": "Agreements on information transfer",
470            "referential": "f65b378c-ab20-4651-825b-4da34944b519",470            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
471            "referential_label": "ISO 27701",471            "referential_label": "ISO 27701",
472            "uuid": "4cfd17b6-5841-4fa7-8d3b-227af4d3b652"472            "uuid": "4cfd17b6-5841-4fa7-8d3b-227af4d3b652"
473        },473        },
474        {474        {
475            "category": "Context of the organization",475            "category": "Context of the organization",
476            "code": "5.2.1",476            "code": "5.2.1",
477            "label": "Understanding the organization and its context",477            "label": "Understanding the organization and its context",
478            "referential": "f65b378c-ab20-4651-825b-4da34944b519",478            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
479            "referential_label": "ISO 27701",479            "referential_label": "ISO 27701",
480            "uuid": "514811fc-ca1a-49be-89cc-57f0042a77aa"480            "uuid": "514811fc-ca1a-49be-89cc-57f0042a77aa"
481        },481        },
482        {482        {
483            "category": "Cryptography",483            "category": "Cryptography",
484            "code": "6.7.1.1",484            "code": "6.7.1.1",
485            "label": "Policy on the use of cryptographic controls",485            "label": "Policy on the use of cryptographic controls",
486            "referential": "f65b378c-ab20-4651-825b-4da34944b519",486            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
487            "referential_label": "ISO 27701",487            "referential_label": "ISO 27701",
488            "uuid": "53e91bf7-76ed-4cb8-b308-21f1dbd52aa3"488            "uuid": "53e91bf7-76ed-4cb8-b308-21f1dbd52aa3"
489        },489        },
490        {490        {
491            "category": "Information security incident management",491            "category": "Information security incident management",
492            "code": "6.13.1.2",492            "code": "6.13.1.2",
493            "label": "Reporting information security events",493            "label": "Reporting information security events",
494            "referential": "f65b378c-ab20-4651-825b-4da34944b519",494            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
495            "referential_label": "ISO 27701",495            "referential_label": "ISO 27701",
496            "uuid": "54d38b77-2e5c-4c4e-b47b-b936518e8094"496            "uuid": "54d38b77-2e5c-4c4e-b47b-b936518e8094"
497        },497        },
498        {498        {
499            "category": "Access control",499            "category": "Access control",
500            "code": "6.6.3.1",500            "code": "6.6.3.1",
501            "label": "Use of secret authentication information",501            "label": "Use of secret authentication information",
502            "referential": "f65b378c-ab20-4651-825b-4da34944b519",502            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
503            "referential_label": "ISO 27701",503            "referential_label": "ISO 27701",
504            "uuid": "55f0123d-1c82-4352-8700-03a66e9d72fc"504            "uuid": "55f0123d-1c82-4352-8700-03a66e9d72fc"
505        },505        },
506        {506        {
507            "category": "Privacy by design and privacy by default",507            "category": "Privacy by design and privacy by default",
508            "code": "A.7.4.5",508            "code": "A.7.4.5",
509            "label": "PII de-identification and deletion at the end of processing",509            "label": "PII de-identification and deletion at the end of processing",
510            "referential": "f65b378c-ab20-4651-825b-4da34944b519",510            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
511            "referential_label": "ISO 27701",511            "referential_label": "ISO 27701",
512            "uuid": "56844655-7f50-46ec-bfc1-6d40fa74b31b"512            "uuid": "56844655-7f50-46ec-bfc1-6d40fa74b31b"
513        },513        },
514        {514        {
515            "category": "PII sharing transfer and disclosure",515            "category": "PII sharing transfer and disclosure",
516            "code": "B.8.5.5",516            "code": "B.8.5.5",
517            "label": "Legally binding PII disclosures",517            "label": "Legally binding PII disclosures",
518            "referential": "f65b378c-ab20-4651-825b-4da34944b519",518            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
519            "referential_label": "ISO 27701",519            "referential_label": "ISO 27701",
520            "uuid": "56dc629e-506a-4502-b42d-a49e72ed7ec9"520            "uuid": "56dc629e-506a-4502-b42d-a49e72ed7ec9"
521        },521        },
522        {522        {
523            "category": "Physical and environment security",523            "category": "Physical and environment security",
524            "code": "6.8.1.5",524            "code": "6.8.1.5",
525            "label": "Working in secure areas",525            "label": "Working in secure areas",
526            "referential": "f65b378c-ab20-4651-825b-4da34944b519",526            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
527            "referential_label": "ISO 27701",527            "referential_label": "ISO 27701",
528            "uuid": "58c52280-09b2-4c91-ab59-eb995f5688fd"528            "uuid": "58c52280-09b2-4c91-ab59-eb995f5688fd"
529        },529        },
530        {530        {
531            "category": "Access control",531            "category": "Access control",
532            "code": "6.6.1.1",532            "code": "6.6.1.1",
533            "label": "Access control policy",533            "label": "Access control policy",
534            "referential": "f65b378c-ab20-4651-825b-4da34944b519",534            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
535            "referential_label": "ISO 27701",535            "referential_label": "ISO 27701",
536            "uuid": "5cdeff98-2016-4d39-858e-3fc915185b52"536            "uuid": "5cdeff98-2016-4d39-858e-3fc915185b52"
537        },537        },
538        {538        {
539            "category": "Organisation of information security",539            "category": "Organisation of information security",
540            "code": "6.3.1.1",540            "code": "6.3.1.1",
541            "label": "Information security roles and responsibilities",541            "label": "Information security roles and responsibilities",
542            "referential": "f65b378c-ab20-4651-825b-4da34944b519",542            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
543            "referential_label": "ISO 27701",543            "referential_label": "ISO 27701",
544            "uuid": "64cdbec6-e81c-4baf-92bf-1ce53cf3d8b2"544            "uuid": "64cdbec6-e81c-4baf-92bf-1ce53cf3d8b2"
545        },545        },
546        {546        {
547            "category": "Support",547            "category": "Support",
548            "code": "5.5.5.1",548            "code": "5.5.5.1",
549            "label": "General",549            "label": "General",
550            "referential": "f65b378c-ab20-4651-825b-4da34944b519",550            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
551            "referential_label": "ISO 27701",551            "referential_label": "ISO 27701",
552            "uuid": "65f112a9-3b20-4f18-950b-085d0be3f114"552            "uuid": "65f112a9-3b20-4f18-950b-085d0be3f114"
553        },553        },
554        {554        {
555            "category": "Operations security",555            "category": "Operations security",
556            "code": "6.9.6.2",556            "code": "6.9.6.2",
557            "label": "Restrictions on software installation",557            "label": "Restrictions on software installation",
558            "referential": "f65b378c-ab20-4651-825b-4da34944b519",558            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
559            "referential_label": "ISO 27701",559            "referential_label": "ISO 27701",
560            "uuid": "66d4273e-98cd-4d08-9acb-08ba787db13a"560            "uuid": "66d4273e-98cd-4d08-9acb-08ba787db13a"
561        },561        },
562        {562        {
563            "category": "Support",563            "category": "Support",
564            "code": "5.5.5.3",564            "code": "5.5.5.3",
565            "label": "Control of documented information",565            "label": "Control of documented information",
566            "referential": "f65b378c-ab20-4651-825b-4da34944b519",566            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
567            "referential_label": "ISO 27701",567            "referential_label": "ISO 27701",
568            "uuid": "6780dda7-2c33-496b-81e3-9d868f47b61d"568            "uuid": "6780dda7-2c33-496b-81e3-9d868f47b61d"
569        },569        },
570        {570        {
571            "category": "Physical and environment security",571            "category": "Physical and environment security",
572            "code": "6.8.2.9",572            "code": "6.8.2.9",
573            "label": "Clear desk and clear screen policy",573            "label": "Clear desk and clear screen policy",
574            "referential": "f65b378c-ab20-4651-825b-4da34944b519",574            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
575            "referential_label": "ISO 27701",575            "referential_label": "ISO 27701",
576            "uuid": "67d95c58-fdf0-439d-8ce6-277238136141"576            "uuid": "67d95c58-fdf0-439d-8ce6-277238136141"
577        },577        },
578        {578        {
579            "category": "Operations security",579            "category": "Operations security",
580            "code": "6.9.5.1",580            "code": "6.9.5.1",
581            "label": "Installation of software on operational systems",581            "label": "Installation of software on operational systems",
582            "referential": "f65b378c-ab20-4651-825b-4da34944b519",582            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
583            "referential_label": "ISO 27701",583            "referential_label": "ISO 27701",
584            "uuid": "6a78d184-cc44-461e-af3d-3ebc8380b78f"584            "uuid": "6a78d184-cc44-461e-af3d-3ebc8380b78f"
585        },585        },
586        {586        {
587            "category": "Systems acquisition development and maintenance",587            "category": "Systems acquisition development and maintenance",
588            "code": "6.11.2.7",588            "code": "6.11.2.7",
589            "label": "Outsourced development",589            "label": "Outsourced development",
590            "referential": "f65b378c-ab20-4651-825b-4da34944b519",590            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
591            "referential_label": "ISO 27701",591            "referential_label": "ISO 27701",
592            "uuid": "6ac5a193-c021-4df4-abd1-bb0aed4af36a"592            "uuid": "6ac5a193-c021-4df4-abd1-bb0aed4af36a"
593        },593        },
594        {594        {
595            "category": "Information security incident management",595            "category": "Information security incident management",
596            "code": "6.13.1.4",596            "code": "6.13.1.4",
597            "label": "Assessment of and decision on information security events",597            "label": "Assessment of and decision on information security events",
598            "referential": "f65b378c-ab20-4651-825b-4da34944b519",598            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
599            "referential_label": "ISO 27701",599            "referential_label": "ISO 27701",
600            "uuid": "6c50d8a4-6793-479b-84af-f3cf94fe4102"600            "uuid": "6c50d8a4-6793-479b-84af-f3cf94fe4102"
601        },601        },
602        {602        {
603            "category": "Information security incident management",603            "category": "Information security incident management",
604            "code": "6.13.1.3",604            "code": "6.13.1.3",
605            "label": "Reporting information security weaknesses",605            "label": "Reporting information security weaknesses",
606            "referential": "f65b378c-ab20-4651-825b-4da34944b519",606            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
607            "referential_label": "ISO 27701",607            "referential_label": "ISO 27701",
608            "uuid": "6dd7fb16-a5f8-4722-9197-bf198327ed8b"608            "uuid": "6dd7fb16-a5f8-4722-9197-bf198327ed8b"
609        },609        },
610        {610        {
611            "category": "Human resources security",611            "category": "Human resources security",
612            "code": "6.4.2.1",612            "code": "6.4.2.1",
613            "label": "Management responsibilities",613            "label": "Management responsibilities",
614            "referential": "f65b378c-ab20-4651-825b-4da34944b519",614            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
615            "referential_label": "ISO 27701",615            "referential_label": "ISO 27701",
616            "uuid": "6ddcd365-eeca-473d-b9ad-03726ae858d8"616            "uuid": "6ddcd365-eeca-473d-b9ad-03726ae858d8"
617        },617        },
618        {618        {
619            "category": "Privacy by design and privacy by default",619            "category": "Privacy by design and privacy by default",
620            "code": "A.7.4.3",620            "code": "A.7.4.3",
621            "label": "Accuracy and quality",621            "label": "Accuracy and quality",
622            "referential": "f65b378c-ab20-4651-825b-4da34944b519",622            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
623            "referential_label": "ISO 27701",623            "referential_label": "ISO 27701",
624            "uuid": "6ee51d2e-83fe-4198-8118-dc7db98515b1"624            "uuid": "6ee51d2e-83fe-4198-8118-dc7db98515b1"
625        },625        },
626        {626        {
627            "category": "Operations security",627            "category": "Operations security",
628            "code": "6.9.1.1",628            "code": "6.9.1.1",
629            "label": "Documented operating procedures",629            "label": "Documented operating procedures",
630            "referential": "f65b378c-ab20-4651-825b-4da34944b519",630            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
631            "referential_label": "ISO 27701",631            "referential_label": "ISO 27701",
632            "uuid": "70a53056-137e-429a-9483-0a2e92a24fac"632            "uuid": "70a53056-137e-429a-9483-0a2e92a24fac"
633        },633        },
634        {634        {
635            "category": "Asset Management",635            "category": "Asset Management",
636            "code": "6.5.3.3",636            "code": "6.5.3.3",
637            "label": "Physical media transfer",637            "label": "Physical media transfer",
638            "referential": "f65b378c-ab20-4651-825b-4da34944b519",638            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
639            "referential_label": "ISO 27701",639            "referential_label": "ISO 27701",
640            "uuid": "71761dbc-aea1-4d01-b09d-abe2e67c4f1a"640            "uuid": "71761dbc-aea1-4d01-b09d-abe2e67c4f1a"
641        },641        },
642        {642        {
643            "category": "Access control",643            "category": "Access control",
644            "code": "6.6.4.4",644            "code": "6.6.4.4",
645            "label": "Use of privileged utility programs",645            "label": "Use of privileged utility programs",
646            "referential": "f65b378c-ab20-4651-825b-4da34944b519",646            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
647            "referential_label": "ISO 27701",647            "referential_label": "ISO 27701",
648            "uuid": "719158a7-c965-46e2-bed9-d273925a3fdd"648            "uuid": "719158a7-c965-46e2-bed9-d273925a3fdd"
649        },649        },
650        {650        {
651            "category": "Operations security",651            "category": "Operations security",
652            "code": "6.9.4.3",652            "code": "6.9.4.3",
653            "label": "Administrator and operator logs",653            "label": "Administrator and operator logs",
654            "referential": "f65b378c-ab20-4651-825b-4da34944b519",654            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
655            "referential_label": "ISO 27701",655            "referential_label": "ISO 27701",
656            "uuid": "7405dca3-2282-47e2-ac19-1992ff0a0228"656            "uuid": "7405dca3-2282-47e2-ac19-1992ff0a0228"
657        },657        },
658        {658        {
659            "category": "Operations security",659            "category": "Operations security",
660            "code": "6.9.1.4",660            "code": "6.9.1.4",
661            "label": "Separation of development testing and operational environments",661            "label": "Separation of development testing and operational environments",
662            "referential": "f65b378c-ab20-4651-825b-4da34944b519",662            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
663            "referential_label": "ISO 27701",663            "referential_label": "ISO 27701",
664            "uuid": "777d9c77-1093-4a4f-9c1f-ff9db9aa96c1"664            "uuid": "777d9c77-1093-4a4f-9c1f-ff9db9aa96c1"
665        },665        },
666        {666        {
667            "category": "Physical and environment security",667            "category": "Physical and environment security",
668            "code": "6.8.2.4",668            "code": "6.8.2.4",
669            "label": "Equipment maintenance",669            "label": "Equipment maintenance",
670            "referential": "f65b378c-ab20-4651-825b-4da34944b519",670            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
671            "referential_label": "ISO 27701",671            "referential_label": "ISO 27701",
672            "uuid": "77d78b64-a53d-4a62-9b00-7bc4c6df5d99"672            "uuid": "77d78b64-a53d-4a62-9b00-7bc4c6df5d99"
673        },673        },
674        {674        {
675            "category": "Performance Evaluation",675            "category": "Performance Evaluation",
676            "code": "5.7.1",676            "code": "5.7.1",
677            "label": "Monitoring measurement analysis and evaluation",677            "label": "Monitoring measurement analysis and evaluation",
678            "referential": "f65b378c-ab20-4651-825b-4da34944b519",678            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
679            "referential_label": "ISO 27701",679            "referential_label": "ISO 27701",
680            "uuid": "78bae82d-72d6-4b22-abc1-d49747a6dbad"680            "uuid": "78bae82d-72d6-4b22-abc1-d49747a6dbad"
681        },681        },
682        {682        {
683            "category": "Systems acquisition development and maintenance",683            "category": "Systems acquisition development and maintenance",
684            "code": "6.11.1.1",684            "code": "6.11.1.1",
685            "label": "Information security requirements analysis and specification",685            "label": "Information security requirements analysis and specification",
686            "referential": "f65b378c-ab20-4651-825b-4da34944b519",686            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
687            "referential_label": "ISO 27701",687            "referential_label": "ISO 27701",
688            "uuid": "7b804877-23cc-4f04-9979-8b6f985d04b9"688            "uuid": "7b804877-23cc-4f04-9979-8b6f985d04b9"
689        },689        },
690        {690        {
691            "category": "Performance Evaluation",691            "category": "Performance Evaluation",
692            "code": "5.7.2",692            "code": "5.7.2",
693            "label": "Internal audit",693            "label": "Internal audit",
694            "referential": "f65b378c-ab20-4651-825b-4da34944b519",694            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
695            "referential_label": "ISO 27701",695            "referential_label": "ISO 27701",
696            "uuid": "7b8aa5d2-9afa-4e76-a038-1bb4f169fc23"696            "uuid": "7b8aa5d2-9afa-4e76-a038-1bb4f169fc23"
697        },697        },
698        {698        {
699            "category": "Privacy by design and privacy by default",699            "category": "Privacy by design and privacy by default",
700            "code": "A.7.4.1",700            "code": "A.7.4.1",
701            "label": "Limit collection",701            "label": "Limit collection",
702            "referential": "f65b378c-ab20-4651-825b-4da34944b519",702            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
703            "referential_label": "ISO 27701",703            "referential_label": "ISO 27701",
704            "uuid": "7bc37de2-8b17-4965-980c-94260e7c84c9"704            "uuid": "7bc37de2-8b17-4965-980c-94260e7c84c9"
705        },705        },
706        {706        {
707            "category": "Communication security",707            "category": "Communication security",
708            "code": "6.10.2.4",708            "code": "6.10.2.4",
709            "label": "Confidentiality or non-disclosure agreements",709            "label": "Confidentiality or non-disclosure agreements",
710            "referential": "f65b378c-ab20-4651-825b-4da34944b519",710            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
711            "referential_label": "ISO 27701",711            "referential_label": "ISO 27701",
712            "uuid": "7fab270e-33dc-4df8-853b-770b47ed8b67"712            "uuid": "7fab270e-33dc-4df8-853b-770b47ed8b67"
713        },713        },
714        {714        {
715            "category": "Information security incident management",715            "category": "Information security incident management",
716            "code": "6.13.1.6",716            "code": "6.13.1.6",
717            "label": "Learning from information security incidents",717            "label": "Learning from information security incidents",
718            "referential": "f65b378c-ab20-4651-825b-4da34944b519",718            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
719            "referential_label": "ISO 27701",719            "referential_label": "ISO 27701",
720            "uuid": "805044a1-7f8c-40b4-9a29-5a9724624a69"720            "uuid": "805044a1-7f8c-40b4-9a29-5a9724624a69"
721        },721        },
722        {722        {
723            "category": "Asset Management",723            "category": "Asset Management",
724            "code": "6.5.3.2",724            "code": "6.5.3.2",
725            "label": "Disposal of media",725            "label": "Disposal of media",
726            "referential": "f65b378c-ab20-4651-825b-4da34944b519",726            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
727            "referential_label": "ISO 27701",727            "referential_label": "ISO 27701",
728            "uuid": "8247018f-5966-4fa1-86ed-74f89a17752d"728            "uuid": "8247018f-5966-4fa1-86ed-74f89a17752d"
729        },729        },
730        {730        {
731            "category": "Access control",731            "category": "Access control",
732            "code": "6.6.4.1",732            "code": "6.6.4.1",
733            "label": "Information access restriction",733            "label": "Information access restriction",
734            "referential": "f65b378c-ab20-4651-825b-4da34944b519",734            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
735            "referential_label": "ISO 27701",735            "referential_label": "ISO 27701",
736            "uuid": "84f2f3dc-54c0-4b96-8d27-8f2ae47a2964"736            "uuid": "84f2f3dc-54c0-4b96-8d27-8f2ae47a2964"
737        },737        },
738        {738        {
739            "category": "Compliance",739            "category": "Compliance",
740            "code": "6.15.2.3",740            "code": "6.15.2.3",
741            "label": "Technical compliance review",741            "label": "Technical compliance review",
742            "referential": "f65b378c-ab20-4651-825b-4da34944b519",742            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
743            "referential_label": "ISO 27701",743            "referential_label": "ISO 27701",
744            "uuid": "853373dc-8dc4-451e-b100-55d42aee4ffe"744            "uuid": "853373dc-8dc4-451e-b100-55d42aee4ffe"
745        },745        },
746        {746        {
747            "category": "Asset Management",747            "category": "Asset Management",
748            "code": "6.5.1.3",748            "code": "6.5.1.3",
749            "label": "Acceptable Use of Assets",749            "label": "Acceptable Use of Assets",
750            "referential": "f65b378c-ab20-4651-825b-4da34944b519",750            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
751            "referential_label": "ISO 27701",751            "referential_label": "ISO 27701",
752            "uuid": "85b65a44-6cca-498f-ab76-1079d0bdfadc"752            "uuid": "85b65a44-6cca-498f-ab76-1079d0bdfadc"
753        },753        },
754        {754        {
755            "category": "Conditions for collection and processing",755            "category": "Conditions for collection and processing",
756            "code": "B.8.2.3",756            "code": "B.8.2.3",
757            "label": "Marketing and advertising use",757            "label": "Marketing and advertising use",
758            "referential": "f65b378c-ab20-4651-825b-4da34944b519",758            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
759            "referential_label": "ISO 27701",759            "referential_label": "ISO 27701",
760            "uuid": "8862ca92-f431-48c6-b565-fd5fb9aa46d8"760            "uuid": "8862ca92-f431-48c6-b565-fd5fb9aa46d8"
761        },761        },
762        {762        {
763            "category": "Organisation of information security",763            "category": "Organisation of information security",
764            "code": "6.3.2.2",764            "code": "6.3.2.2",
765            "label": "Teleworking",765            "label": "Teleworking",
766            "referential": "f65b378c-ab20-4651-825b-4da34944b519",766            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
767            "referential_label": "ISO 27701",767            "referential_label": "ISO 27701",
768            "uuid": "8bb579d1-e9c6-4883-92a9-185cb3987b66"768            "uuid": "8bb579d1-e9c6-4883-92a9-185cb3987b66"
769        },769        },
770        {770        {
771            "category": "Leadership",771            "category": "Leadership",
772            "code": "5.3.1",772            "code": "5.3.1",
773            "label": "Leadership and commitment",773            "label": "Leadership and commitment",
774            "referential": "f65b378c-ab20-4651-825b-4da34944b519",774            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
775            "referential_label": "ISO 27701",775            "referential_label": "ISO 27701",
776            "uuid": "8d3a8ce7-3c35-4aed-8143-32f5d2279054"776            "uuid": "8d3a8ce7-3c35-4aed-8143-32f5d2279054"
777        },777        },
778        {778        {
779            "category": "Leadership",779            "category": "Leadership",
780            "code": "5.3.2",780            "code": "5.3.2",
781            "label": "Policy",781            "label": "Policy",
782            "referential": "f65b378c-ab20-4651-825b-4da34944b519",782            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
783            "referential_label": "ISO 27701",783            "referential_label": "ISO 27701",
784            "uuid": "8d6462fd-5a10-4847-92d1-da2585439e5e"784            "uuid": "8d6462fd-5a10-4847-92d1-da2585439e5e"
785        },785        },
786        {786        {
787            "category": "Privacy by design and privacy by default",787            "category": "Privacy by design and privacy by default",
788            "code": "A.7.4.4",788            "code": "A.7.4.4",
789            "label": "PII minimization objectives",789            "label": "PII minimization objectives",
790            "referential": "f65b378c-ab20-4651-825b-4da34944b519",790            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
791            "referential_label": "ISO 27701",791            "referential_label": "ISO 27701",
792            "uuid": "8e26c999-8f20-4cfc-8682-3d14c4d8315d"792            "uuid": "8e26c999-8f20-4cfc-8682-3d14c4d8315d"
793        },793        },
794        {794        {
795            "category": "Conditions for collection and processing",795            "category": "Conditions for collection and processing",
796            "code": "A.7.2.8",796            "code": "A.7.2.8",
797            "label": "Records related to processing PII",797            "label": "Records related to processing PII",
798            "referential": "f65b378c-ab20-4651-825b-4da34944b519",798            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
799            "referential_label": "ISO 27701",799            "referential_label": "ISO 27701",
800            "uuid": "8e697e5d-c974-44eb-b973-d6c8ba916725"800            "uuid": "8e697e5d-c974-44eb-b973-d6c8ba916725"
801        },801        },
802        {802        {
803            "category": "Asset Management",803            "category": "Asset Management",
804            "code": "6.5.2.3",804            "code": "6.5.2.3",
805            "label": "Handling of Assets",805            "label": "Handling of Assets",
806            "referential": "f65b378c-ab20-4651-825b-4da34944b519",806            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
807            "referential_label": "ISO 27701",807            "referential_label": "ISO 27701",
808            "uuid": "8f246d95-7e65-4fdf-a9bd-a567e537843e"808            "uuid": "8f246d95-7e65-4fdf-a9bd-a567e537843e"
809        },809        },
810        {810        {
811            "category": "Context of the organization",811            "category": "Context of the organization",
812            "code": "5.2.2",812            "code": "5.2.2",
813            "label": "Understanding the needs and expectations of interested parties",813            "label": "Understanding the needs and expectations of interested parties",
814            "referential": "f65b378c-ab20-4651-825b-4da34944b519",814            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
815            "referential_label": "ISO 27701",815            "referential_label": "ISO 27701",
816            "uuid": "8f6ef571-4efe-4df1-bca5-92af7e966240"816            "uuid": "8f6ef571-4efe-4df1-bca5-92af7e966240"
817        },817        },
818        {818        {
819            "category": "Systems acquisition development and maintenance",819            "category": "Systems acquisition development and maintenance",
820            "code": "6.11.2.1",820            "code": "6.11.2.1",
821            "label": "Secure development policy",821            "label": "Secure development policy",
822            "referential": "f65b378c-ab20-4651-825b-4da34944b519",822            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
823            "referential_label": "ISO 27701",823            "referential_label": "ISO 27701",
824            "uuid": "8fa447dd-b5e2-4be0-9784-4386ba03abf5"824            "uuid": "8fa447dd-b5e2-4be0-9784-4386ba03abf5"
825        },825        },
826        {826        {
827            "category": "Asset Management",827            "category": "Asset Management",
828            "code": "6.5.2.1",828            "code": "6.5.2.1",
829            "label": "Classification of information",829            "label": "Classification of information",
830            "referential": "f65b378c-ab20-4651-825b-4da34944b519",830            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
831            "referential_label": "ISO 27701",831            "referential_label": "ISO 27701",
832            "uuid": "91bd3542-b178-4c2e-a62e-ba5d37360ca4"832            "uuid": "91bd3542-b178-4c2e-a62e-ba5d37360ca4"
833        },833        },
834        {834        {
835            "category": "Systems acquisition development and maintenance",835            "category": "Systems acquisition development and maintenance",
836            "code": "6.11.1.3",836            "code": "6.11.1.3",
837            "label": "Protecting application services transactions",837            "label": "Protecting application services transactions",
838            "referential": "f65b378c-ab20-4651-825b-4da34944b519",838            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
839            "referential_label": "ISO 27701",839            "referential_label": "ISO 27701",
840            "uuid": "92cc1326-12da-4199-b805-9dfb5a6f5870"840            "uuid": "92cc1326-12da-4199-b805-9dfb5a6f5870"
841        },841        },
842        {842        {
843            "category": "Supplier relationships",843            "category": "Supplier relationships",
844            "code": "6.12.2.2",844            "code": "6.12.2.2",
845            "label": "Managing changes to supplier services",845            "label": "Managing changes to supplier services",
846            "referential": "f65b378c-ab20-4651-825b-4da34944b519",846            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
847            "referential_label": "ISO 27701",847            "referential_label": "ISO 27701",
848            "uuid": "94aa96fa-a2fa-4507-bec5-05fe0db41b9f"848            "uuid": "94aa96fa-a2fa-4507-bec5-05fe0db41b9f"
849        },849        },
850        {850        {
851            "category": "Information security objectives and planning to achieve them",851            "category": "Information security objectives and planning to achieve them",
852            "code": "5.4.2",852            "code": "5.4.2",
853            "label": "Information security objectives and planning to achieve them",853            "label": "Information security objectives and planning to achieve them",
854            "referential": "f65b378c-ab20-4651-825b-4da34944b519",854            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
855            "referential_label": "ISO 27701",855            "referential_label": "ISO 27701",
856            "uuid": "9a30e1ba-93d3-4e96-b8d9-663f2720e90a"856            "uuid": "9a30e1ba-93d3-4e96-b8d9-663f2720e90a"
857        },857        },
858        {858        {
859            "category": "PII sharing transfer and disclosure",859            "category": "PII sharing transfer and disclosure",
860            "code": "B.8.5.3",860            "code": "B.8.5.3",
861            "label": "Records of PII disclosure to third parties",861            "label": "Records of PII disclosure to third parties",
862            "referential": "f65b378c-ab20-4651-825b-4da34944b519",862            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
863            "referential_label": "ISO 27701",863            "referential_label": "ISO 27701",
864            "uuid": "9b1c4774-db02-4e14-9b1b-c4fc81438413"864            "uuid": "9b1c4774-db02-4e14-9b1b-c4fc81438413"
865        },865        },
866        {866        {
867            "category": "Access control",867            "category": "Access control",
868            "code": "6.6.2.3",868            "code": "6.6.2.3",
869            "label": "Management of privileged access rights",869            "label": "Management of privileged access rights",
870            "referential": "f65b378c-ab20-4651-825b-4da34944b519",870            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
871            "referential_label": "ISO 27701",871            "referential_label": "ISO 27701",
872            "uuid": "9bb3a441-d077-49a3-a20f-c91f431104e3"872            "uuid": "9bb3a441-d077-49a3-a20f-c91f431104e3"
873        },873        },
874        {874        {
875            "category": "PII sharing transfer and disclosure",875            "category": "PII sharing transfer and disclosure",
876            "code": "A.7.5.2",876            "code": "A.7.5.2",
877            "label": "Countries and international organizations to which PII can be transferred",877            "label": "Countries and international organizations to which PII can be transferred",
878            "referential": "f65b378c-ab20-4651-825b-4da34944b519",878            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
879            "referential_label": "ISO 27701",879            "referential_label": "ISO 27701",
880            "uuid": "9cc453f9-ec65-4091-b72f-c4411023de64"880            "uuid": "9cc453f9-ec65-4091-b72f-c4411023de64"
881        },881        },
882        {882        {
883            "category": "Supplier relationships",883            "category": "Supplier relationships",
884            "code": "6.12.1.3",884            "code": "6.12.1.3",
885            "label": "Information and communication technology supply chain",885            "label": "Information and communication technology supply chain",
886            "referential": "f65b378c-ab20-4651-825b-4da34944b519",886            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
887            "referential_label": "ISO 27701",887            "referential_label": "ISO 27701",
888            "uuid": "9d3cc972-695b-4700-b0ad-a53891329322"888            "uuid": "9d3cc972-695b-4700-b0ad-a53891329322"
889        },889        },
890        {890        {
891            "category": "Cryptography",891            "category": "Cryptography",
892            "code": "6.7.1.2",892            "code": "6.7.1.2",
893            "label": "Key management",893            "label": "Key management",
894            "referential": "f65b378c-ab20-4651-825b-4da34944b519",894            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
895            "referential_label": "ISO 27701",895            "referential_label": "ISO 27701",
896            "uuid": "9eac1198-8099-4b6c-931c-f59fbc2ec30e"896            "uuid": "9eac1198-8099-4b6c-931c-f59fbc2ec30e"
897        },897        },
898        {898        {
899            "category": "Human resources security",899            "category": "Human resources security",
900            "code": "6.4.2.3",900            "code": "6.4.2.3",
901            "label": "Disciplinary procedures",901            "label": "Disciplinary procedures",
902            "referential": "f65b378c-ab20-4651-825b-4da34944b519",902            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
903            "referential_label": "ISO 27701",903            "referential_label": "ISO 27701",
904            "uuid": "9f509e16-fd65-4121-8144-c2403c924dfb"904            "uuid": "9f509e16-fd65-4121-8144-c2403c924dfb"
905        },905        },
906        {906        {
907            "category": "PII sharing transfer and disclosure",907            "category": "PII sharing transfer and disclosure",
908            "code": "B.8.5.6",908            "code": "B.8.5.6",
909            "label": "Disclosure of subcontractors used to process PII",909            "label": "Disclosure of subcontractors used to process PII",
910            "referential": "f65b378c-ab20-4651-825b-4da34944b519",910            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
911            "referential_label": "ISO 27701",911            "referential_label": "ISO 27701",
912            "uuid": "a0091b82-4864-49dc-a885-a27cd933d4aa"912            "uuid": "a0091b82-4864-49dc-a885-a27cd933d4aa"
913        },913        },
914        {914        {
915            "category": "Operations security",915            "category": "Operations security",
916            "code": "6.9.2.1",916            "code": "6.9.2.1",
917            "label": "Controls against malware",917            "label": "Controls against malware",
918            "referential": "f65b378c-ab20-4651-825b-4da34944b519",918            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
919            "referential_label": "ISO 27701",919            "referential_label": "ISO 27701",
920            "uuid": "a0494662-1835-44f8-b600-df2d2bcdaf7f"920            "uuid": "a0494662-1835-44f8-b600-df2d2bcdaf7f"
921        },921        },
922        {922        {
923            "category": "Obligations to PII principals",923            "category": "Obligations to PII principals",
924            "code": "A.7.3.6",924            "code": "A.7.3.6",
925            "label": "Access correction and/or erasure",925            "label": "Access correction and/or erasure",
926            "referential": "f65b378c-ab20-4651-825b-4da34944b519",926            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
927            "referential_label": "ISO 27701",927            "referential_label": "ISO 27701",
928            "uuid": "a1141b2f-868c-4c8c-bb32-911732b9adf9"928            "uuid": "a1141b2f-868c-4c8c-bb32-911732b9adf9"
929        },929        },
930        {930        {
931            "category": "Leadership",931            "category": "Leadership",
932            "code": "5.3.3",932            "code": "5.3.3",
933            "label": "Organizational roles responsibilities and authorities",933            "label": "Organizational roles responsibilities and authorities",
934            "referential": "f65b378c-ab20-4651-825b-4da34944b519",934            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
935            "referential_label": "ISO 27701",935            "referential_label": "ISO 27701",
936            "uuid": "a3a2049e-f29c-4bae-9c23-d791feba7e0e"936            "uuid": "a3a2049e-f29c-4bae-9c23-d791feba7e0e"
937        },937        },
938        {938        {
939            "category": "Support",939            "category": "Support",
940            "code": "5.5.4",940            "code": "5.5.4",
941            "label": "Communication",941            "label": "Communication",
942            "referential": "f65b378c-ab20-4651-825b-4da34944b519",942            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
943            "referential_label": "ISO 27701",943            "referential_label": "ISO 27701",
944            "uuid": "a3d0ca70-89d8-4e54-9ced-20159cf4e3bd"944            "uuid": "a3d0ca70-89d8-4e54-9ced-20159cf4e3bd"
945        },945        },
946        {946        {
947            "category": "Compliance",947            "category": "Compliance",
948            "code": "6.15.1.3",948            "code": "6.15.1.3",
949            "label": "Protection of records",949            "label": "Protection of records",
950            "referential": "f65b378c-ab20-4651-825b-4da34944b519",950            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
951            "referential_label": "ISO 27701",951            "referential_label": "ISO 27701",
952            "uuid": "a66fa2a1-6237-4552-abd5-be6df3856d09"952            "uuid": "a66fa2a1-6237-4552-abd5-be6df3856d09"
953        },953        },
954        {954        {
955            "category": "Access control",955            "category": "Access control",
956            "code": "6.6.4.3",956            "code": "6.6.4.3",
957            "label": "Password management system",957            "label": "Password management system",
958            "referential": "f65b378c-ab20-4651-825b-4da34944b519",958            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
959            "referential_label": "ISO 27701",959            "referential_label": "ISO 27701",
960            "uuid": "a681fb35-04d6-4adc-bde8-b044a26c970d"960            "uuid": "a681fb35-04d6-4adc-bde8-b044a26c970d"
961        },961        },
962        {962        {
963            "category": "Compliance",963            "category": "Compliance",
964            "code": "6.15.1.4",964            "code": "6.15.1.4",
965            "label": "Privacy and protection of personally identifiable information",965            "label": "Privacy and protection of personally identifiable information",
966            "referential": "f65b378c-ab20-4651-825b-4da34944b519",966            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
967            "referential_label": "ISO 27701",967            "referential_label": "ISO 27701",
968            "uuid": "a77afead-e763-41a6-a803-af6b3d0a2cb2"968            "uuid": "a77afead-e763-41a6-a803-af6b3d0a2cb2"
969        },969        },
970        {970        {
971            "category": "Supplier relationships",971            "category": "Supplier relationships",
972            "code": "6.12.1.2",972            "code": "6.12.1.2",
973            "label": "Addressing security within supplier agreements",973            "label": "Addressing security within supplier agreements",
974            "referential": "f65b378c-ab20-4651-825b-4da34944b519",974            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
975            "referential_label": "ISO 27701",975            "referential_label": "ISO 27701",
976            "uuid": "a793e4bc-6bd9-49a4-8c4b-4933dc7d2238"976            "uuid": "a793e4bc-6bd9-49a4-8c4b-4933dc7d2238"
977        },977        },
978        {978        {
979            "category": "Information security aspects of business continuity management",979            "category": "Information security aspects of business continuity management",
980            "code": "6.14.1.2",980            "code": "6.14.1.2",
981            "label": "Implementing information security continuity",981            "label": "Implementing information security continuity",
982            "referential": "f65b378c-ab20-4651-825b-4da34944b519",982            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
983            "referential_label": "ISO 27701",983            "referential_label": "ISO 27701",
984            "uuid": "a86710e7-c5bf-4fa7-a311-8757ab2b801b"984            "uuid": "a86710e7-c5bf-4fa7-a311-8757ab2b801b"
985        },985        },
986        {986        {
987            "category": "Operations security",987            "category": "Operations security",
988            "code": "6.9.4.1",988            "code": "6.9.4.1",
989            "label": "Event logging",989            "label": "Event logging",
990            "referential": "f65b378c-ab20-4651-825b-4da34944b519",990            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
991            "referential_label": "ISO 27701",991            "referential_label": "ISO 27701",
992            "uuid": "a87901f1-5d34-46af-afc7-0375e59721f6"992            "uuid": "a87901f1-5d34-46af-afc7-0375e59721f6"
993        },993        },
994        {994        {
995            "category": "Supplier relationships",995            "category": "Supplier relationships",
996            "code": "6.12.1.1",996            "code": "6.12.1.1",
997            "label": "Information security policy for supplier relationships",997            "label": "Information security policy for supplier relationships",
998            "referential": "f65b378c-ab20-4651-825b-4da34944b519",998            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
999            "referential_label": "ISO 27701",999            "referential_label": "ISO 27701",
1000            "uuid": "a943f47f-6996-4490-b45d-9c427942c0a7"1000            "uuid": "a943f47f-6996-4490-b45d-9c427942c0a7"
1001        },1001        },
1002        {1002        {
1003            "category": "Conditions for collection and processing",1003            "category": "Conditions for collection and processing",
1004            "code": "B.8.2.2",1004            "code": "B.8.2.2",
1005            "label": "Organization's purposes",1005            "label": "Organization's purposes",
1006            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1006            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1007            "referential_label": "ISO 27701",1007            "referential_label": "ISO 27701",
1008            "uuid": "a9d08b54-382a-4116-93a0-39d34495c711"1008            "uuid": "a9d08b54-382a-4116-93a0-39d34495c711"
1009        },1009        },
1010        {1010        {
1011            "category": "Systems acquisition development and maintenance",1011            "category": "Systems acquisition development and maintenance",
1012            "code": "6.11.2.5",1012            "code": "6.11.2.5",
1013            "label": "Secure systems engineering principles",1013            "label": "Secure systems engineering principles",
1014            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1014            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1015            "referential_label": "ISO 27701",1015            "referential_label": "ISO 27701",
1016            "uuid": "af4c64b8-fc6e-4bd7-8679-3cc0d3c31480"1016            "uuid": "af4c64b8-fc6e-4bd7-8679-3cc0d3c31480"
1017        },1017        },
1018        {1018        {
1019            "category": "Obligations to PII principals",1019            "category": "Obligations to PII principals",
1020            "code": "A.7.3.9",1020            "code": "A.7.3.9",
1021            "label": "Handling requests",1021            "label": "Handling requests",
1022            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1022            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1023            "referential_label": "ISO 27701",1023            "referential_label": "ISO 27701",
1024            "uuid": "b00f4fa5-5643-4b69-8d58-377007ed3696"1024            "uuid": "b00f4fa5-5643-4b69-8d58-377007ed3696"
1025        },1025        },
1026        {1026        {
1027            "category": "Conditions for collection and processing",1027            "category": "Conditions for collection and processing",
1028            "code": "B.8.2.4",1028            "code": "B.8.2.4",
1029            "label": "Infringing instruction",1029            "label": "Infringing instruction",
1030            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1030            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1031            "referential_label": "ISO 27701",1031            "referential_label": "ISO 27701",
1032            "uuid": "b1bfc4bc-db05-4d94-9273-382562faefcd"1032            "uuid": "b1bfc4bc-db05-4d94-9273-382562faefcd"
1033        },1033        },
1034        {1034        {
1035            "category": "Obligations to PII principals",1035            "category": "Obligations to PII principals",
1036            "code": "A.7.3.7",1036            "code": "A.7.3.7",
1037            "label": "PII controllers' obligations to inform third parties",1037            "label": "PII controllers' obligations to inform third parties",
1038            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1038            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1039            "referential_label": "ISO 27701",1039            "referential_label": "ISO 27701",
1040            "uuid": "b40b6f97-5f9b-4f0e-ae6f-317172cd942b"1040            "uuid": "b40b6f97-5f9b-4f0e-ae6f-317172cd942b"
1041        },1041        },
1042        {1042        {
1043            "category": "Operations security",1043            "category": "Operations security",
1044            "code": "6.9.3.1",1044            "code": "6.9.3.1",
1045            "label": "Information backup",1045            "label": "Information backup",
1046            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1046            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1047            "referential_label": "ISO 27701",1047            "referential_label": "ISO 27701",
1048            "uuid": "b44c628f-e837-44d0-8392-8f936f8e86e4"1048            "uuid": "b44c628f-e837-44d0-8392-8f936f8e86e4"
1049        },1049        },
1050        {1050        {
1051            "category": "Obligations to PII principals",1051            "category": "Obligations to PII principals",
1052            "code": "A.7.3.3",1052            "code": "A.7.3.3",
1053            "label": "Providing information to PII principals",1053            "label": "Providing information to PII principals",
1054            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1054            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1055            "referential_label": "ISO 27701",1055            "referential_label": "ISO 27701",
1056            "uuid": "b455a728-91ac-4a9e-bb29-ecd4505fa37b"1056            "uuid": "b455a728-91ac-4a9e-bb29-ecd4505fa37b"
1057        },1057        },
1058        {1058        {
1059            "category": "Conditions for collection and processing",1059            "category": "Conditions for collection and processing",
1060            "code": "A.7.2.5",1060            "code": "A.7.2.5",
1061            "label": "Privacy impactassessment",1061            "label": "Privacy impactassessment",
1062            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1062            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1063            "referential_label": "ISO 27701",1063            "referential_label": "ISO 27701",
1064            "uuid": "b476a2b4-7eee-4e79-8910-d9e309d8c759"1064            "uuid": "b476a2b4-7eee-4e79-8910-d9e309d8c759"
1065        },1065        },
1066        {1066        {
1067            "category": "Physical and environment security",1067            "category": "Physical and environment security",
1068            "code": "6.8.1.6",1068            "code": "6.8.1.6",
1069            "label": "Delivery and loading areas",1069            "label": "Delivery and loading areas",
1070            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1070            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1071            "referential_label": "ISO 27701",1071            "referential_label": "ISO 27701",
1072            "uuid": "b570b846-c1fb-4a9d-8f79-5dac6e4e5d87"1072            "uuid": "b570b846-c1fb-4a9d-8f79-5dac6e4e5d87"
1073        },1073        },
1074        {1074        {
1075            "category": "Operations security",1075            "category": "Operations security",
1076            "code": "6.9.6.1",1076            "code": "6.9.6.1",
1077            "label": "Management of technical vulnerabilities",1077            "label": "Management of technical vulnerabilities",
1078            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1078            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1079            "referential_label": "ISO 27701",1079            "referential_label": "ISO 27701",
1080            "uuid": "b5c16404-bcfc-4756-8e42-8ba590803215"1080            "uuid": "b5c16404-bcfc-4756-8e42-8ba590803215"
1081        },1081        },
1082        {1082        {
1083            "category": "Obligations to PII principals",1083            "category": "Obligations to PII principals",
1084            "code": "A.7.3.1",1084            "code": "A.7.3.1",
1085            "label": "Determining and fulfilling obligations to PII principals",1085            "label": "Determining and fulfilling obligations to PII principals",
1086            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1086            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1087            "referential_label": "ISO 27701",1087            "referential_label": "ISO 27701",
1088            "uuid": "bca25a95-8ac6-4b8f-857a-e7ceb72101dd"1088            "uuid": "bca25a95-8ac6-4b8f-857a-e7ceb72101dd"
1089        },1089        },
1090        {1090        {
1091            "category": "Performance Evaluation",1091            "category": "Performance Evaluation",
1092            "code": "5.7.3",1092            "code": "5.7.3",
1093            "label": "Management review",1093            "label": "Management review",
1094            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1094            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1095            "referential_label": "ISO 27701",1095            "referential_label": "ISO 27701",
1096            "uuid": "bd47b036-1585-4f1f-a648-66f681971779"1096            "uuid": "bd47b036-1585-4f1f-a648-66f681971779"
1097        },1097        },
1098        {1098        {
1099            "category": "Access control",1099            "category": "Access control",
1100            "code": "6.6.2.5",1100            "code": "6.6.2.5",
1101            "label": "Review of user access rights",1101            "label": "Review of user access rights",
1102            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1102            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1103            "referential_label": "ISO 27701",1103            "referential_label": "ISO 27701",
1104            "uuid": "bef5cb25-c14c-473a-b987-1faad4c6be6e"1104            "uuid": "bef5cb25-c14c-473a-b987-1faad4c6be6e"
1105        },1105        },
1106        {1106        {
1107            "category": "Obligations to PII principals",1107            "category": "Obligations to PII principals",
1108            "code": "A.7.3.4",1108            "code": "A.7.3.4",
1109            "label": "Providing mechanism to modify or withdraw consent",1109            "label": "Providing mechanism to modify or withdraw consent",
1110            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1110            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1111            "referential_label": "ISO 27701",1111            "referential_label": "ISO 27701",
1112            "uuid": "c0b08efb-ff1b-4c47-8cb6-c78860818c90"1112            "uuid": "c0b08efb-ff1b-4c47-8cb6-c78860818c90"
1113        },1113        },
1114        {1114        {
1115            "category": "Obligations to PII principals",1115            "category": "Obligations to PII principals",
1116            "code": "A.7.3.10",1116            "code": "A.7.3.10",
1117            "label": "Automated decision making",1117            "label": "Automated decision making",
1118            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1118            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1119            "referential_label": "ISO 27701",1119            "referential_label": "ISO 27701",
1120            "uuid": "c1301d3d-096c-412b-9fc4-80bf6bd2ce4c"1120            "uuid": "c1301d3d-096c-412b-9fc4-80bf6bd2ce4c"
1121        },1121        },
1122        {1122        {
1123            "category": "PII sharing transfer and disclosure",1123            "category": "PII sharing transfer and disclosure",
1124            "code": "A.7.5.1",1124            "code": "A.7.5.1",
1125            "label": "Identify basis for PII transfer between jurisdictions",1125            "label": "Identify basis for PII transfer between jurisdictions",
1126            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1126            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1127            "referential_label": "ISO 27701",1127            "referential_label": "ISO 27701",
1128            "uuid": "c1975c78-d5c7-4294-b794-7bf70c443cdf"1128            "uuid": "c1975c78-d5c7-4294-b794-7bf70c443cdf"
1129        },1129        },
1130        {1130        {
1131            "category": "Supplier relationships",1131            "category": "Supplier relationships",
1132            "code": "6.12.2.1",1132            "code": "6.12.2.1",
1133            "label": "Monitoring and review of supplier services",1133            "label": "Monitoring and review of supplier services",
1134            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1134            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1135            "referential_label": "ISO 27701",1135            "referential_label": "ISO 27701",
1136            "uuid": "c293ea96-ba7c-4c2c-b8f2-34b2fd13c6b7"1136            "uuid": "c293ea96-ba7c-4c2c-b8f2-34b2fd13c6b7"
1137        },1137        },
1138        {1138        {
1139            "category": "Conditions for collection and processing",1139            "category": "Conditions for collection and processing",
1140            "code": "A.7.2.2",1140            "code": "A.7.2.2",
1141            "label": "Identify lawful basis",1141            "label": "Identify lawful basis",
1142            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1142            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1143            "referential_label": "ISO 27701",1143            "referential_label": "ISO 27701",
1144            "uuid": "c4709dc0-24a8-4e1d-962c-2fafb958de37"1144            "uuid": "c4709dc0-24a8-4e1d-962c-2fafb958de37"
1145        },1145        },
1146        {1146        {
1147            "category": "Actions to address risks and opportunities",1147            "category": "Actions to address risks and opportunities",
1148            "code": "5.4.1.1",1148            "code": "5.4.1.1",
1149            "label": "Actions to address risks and opportunities - General",1149            "label": "Actions to address risks and opportunities - General",
1150            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1150            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1151            "referential_label": "ISO 27701",1151            "referential_label": "ISO 27701",
1152            "uuid": "c4d6e81f-91e4-4c90-afa2-433afaad05f4"1152            "uuid": "c4d6e81f-91e4-4c90-afa2-433afaad05f4"
1153        },1153        },
1154        {1154        {
1155            "category": "Organisation of information security",1155            "category": "Organisation of information security",
1156            "code": "6.3.2.1",1156            "code": "6.3.2.1",
1157            "label": "Mobile device policy",1157            "label": "Mobile device policy",
1158            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1158            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1159            "referential_label": "ISO 27701",1159            "referential_label": "ISO 27701",
1160            "uuid": "c690cf3c-e020-450d-865e-32fdc36a609f"1160            "uuid": "c690cf3c-e020-450d-865e-32fdc36a609f"
1161        },1161        },
1162        {1162        {
1163            "category": "Physical and environment security",1163            "category": "Physical and environment security",
1164            "code": "6.8.2.7",1164            "code": "6.8.2.7",
1165            "label": "Secure disposal or re-use of equipment",1165            "label": "Secure disposal or re-use of equipment",
1166            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1166            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1167            "referential_label": "ISO 27701",1167            "referential_label": "ISO 27701",
1168            "uuid": "c6923895-042d-4e83-bd6e-9195e74e3188"1168            "uuid": "c6923895-042d-4e83-bd6e-9195e74e3188"
1169        },1169        },
1170        {1170        {
1171            "category": "Physical and environment security",1171            "category": "Physical and environment security",
1172            "code": "6.8.1.1",1172            "code": "6.8.1.1",
1173            "label": "Physical security perimeter",1173            "label": "Physical security perimeter",
1174            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1174            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1175            "referential_label": "ISO 27701",1175            "referential_label": "ISO 27701",
1176            "uuid": "c7790c91-5a58-4d1f-9df1-942d4a3ef273"1176            "uuid": "c7790c91-5a58-4d1f-9df1-942d4a3ef273"
1177        },1177        },
1178        {1178        {
1179            "category": "Operations security",1179            "category": "Operations security",
1180            "code": "6.9.7.1",1180            "code": "6.9.7.1",
1181            "label": "Information systems audit controls",1181            "label": "Information systems audit controls",
1182            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1182            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1183            "referential_label": "ISO 27701",1183            "referential_label": "ISO 27701",
1184            "uuid": "c8ec4174-841c-4de4-9685-342e1933351c"1184            "uuid": "c8ec4174-841c-4de4-9685-342e1933351c"
1185        },1185        },
1186        {1186        {
1187            "category": "PII sharing transfer and disclosure",1187            "category": "PII sharing transfer and disclosure",
1188            "code": "A.7.5.3",1188            "code": "A.7.5.3",
1189            "label": "Records of transfer of PII",1189            "label": "Records of transfer of PII",
1190            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1190            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1191            "referential_label": "ISO 27701",1191            "referential_label": "ISO 27701",
1192            "uuid": "c8feff26-b7e6-4fc0-8067-978ab64f096e"1192            "uuid": "c8feff26-b7e6-4fc0-8067-978ab64f096e"
1193        },1193        },
1194        {1194        {
1195            "category": "Privacy by design and privacy by default",1195            "category": "Privacy by design and privacy by default",
1196            "code": "A.7.4.9",1196            "code": "A.7.4.9",
1197            "label": "PII transmission controls",1197            "label": "PII transmission controls",
1198            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1198            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1199            "referential_label": "ISO 27701",1199            "referential_label": "ISO 27701",
1200            "uuid": "cc79433d-bd1b-40eb-9960-5fae6ee09216"1200            "uuid": "cc79433d-bd1b-40eb-9960-5fae6ee09216"
1201        },1201        },
1202        {1202        {
1203            "category": "PII sharing transfer and disclosure",1203            "category": "PII sharing transfer and disclosure",
1204            "code": "B.8.5.2",1204            "code": "B.8.5.2",
1205            "label": "Countries and international organizations to which PII can be transferred",1205            "label": "Countries and international organizations to which PII can be transferred",
1206            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1206            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1207            "referential_label": "ISO 27701",1207            "referential_label": "ISO 27701",
1208            "uuid": "cca8434a-1f0f-48ec-9358-2f3ee5a712da"1208            "uuid": "cca8434a-1f0f-48ec-9358-2f3ee5a712da"
1209        },1209        },
1210        {1210        {
1211            "category": "Conditions for collection and processing",1211            "category": "Conditions for collection and processing",
1212            "code": "A.7.2.1",1212            "code": "A.7.2.1",
1213            "label": "Identify and document purpose",1213            "label": "Identify and document purpose",
1214            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1214            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1215            "referential_label": "ISO 27701",1215            "referential_label": "ISO 27701",
1216            "uuid": "cd1267a3-0a09-402c-ada9-85c9291aac26"1216            "uuid": "cd1267a3-0a09-402c-ada9-85c9291aac26"
1217        },1217        },
1218        {1218        {
1219            "category": "Systems acquisition development and maintenance",1219            "category": "Systems acquisition development and maintenance",
1220            "code": "6.11.3.1",1220            "code": "6.11.3.1",
1221            "label": "Protection of test data",1221            "label": "Protection of test data",
1222            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1222            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1223            "referential_label": "ISO 27701",1223            "referential_label": "ISO 27701",
1224            "uuid": "cdb15fe9-9808-4749-8747-c284018cccf0"1224            "uuid": "cdb15fe9-9808-4749-8747-c284018cccf0"
1225        },1225        },
1226        {1226        {
1227            "category": "Information security aspects of business continuity management",1227            "category": "Information security aspects of business continuity management",
1228            "code": "6.14.1.1",1228            "code": "6.14.1.1",
1229            "label": "Planning information security continuity",1229            "label": "Planning information security continuity",
1230            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1230            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1231            "referential_label": "ISO 27701",1231            "referential_label": "ISO 27701",
1232            "uuid": "cfec872a-4fb3-4364-91dc-475236cc2f93"1232            "uuid": "cfec872a-4fb3-4364-91dc-475236cc2f93"
1233        },1233        },
1234        {1234        {
1235            "category": "Privacy by design and privacy by default",1235            "category": "Privacy by design and privacy by default",
1236            "code": "B.8.4.1",1236            "code": "B.8.4.1",
1237            "label": "Temporary files",1237            "label": "Temporary files",
1238            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1238            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1239            "referential_label": "ISO 27701",1239            "referential_label": "ISO 27701",
1240            "uuid": "d16fc0f9-ab36-49b6-a4ad-4d8d0120f0a1"1240            "uuid": "d16fc0f9-ab36-49b6-a4ad-4d8d0120f0a1"
1241        },1241        },
1242        {1242        {
1243            "category": "Operations security",1243            "category": "Operations security",
1244            "code": "6.9.4.2",1244            "code": "6.9.4.2",
1245            "label": "Protection of log information",1245            "label": "Protection of log information",
1246            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1246            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1247            "referential_label": "ISO 27701",1247            "referential_label": "ISO 27701",
1248            "uuid": "d21603d6-f97e-4b20-bdf6-7bf5248277cb"1248            "uuid": "d21603d6-f97e-4b20-bdf6-7bf5248277cb"
1249        },1249        },
1250        {1250        {
1251            "category": "Conditions for collection and processing",1251            "category": "Conditions for collection and processing",
1252            "code": "B.8.2.5",1252            "code": "B.8.2.5",
1253            "label": "Customer obligations",1253            "label": "Customer obligations",
1254            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1254            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1255            "referential_label": "ISO 27701",1255            "referential_label": "ISO 27701",
1256            "uuid": "d2b79e78-5e9b-4a6d-94f7-855274b7831f"1256            "uuid": "d2b79e78-5e9b-4a6d-94f7-855274b7831f"
1257        },1257        },
1258        {1258        {
1259            "category": "Asset Management",1259            "category": "Asset Management",
1260            "code": "6.5.2.2",1260            "code": "6.5.2.2",
1261            "label": "Labelling of information",1261            "label": "Labelling of information",
1262            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1262            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1263            "referential_label": "ISO 27701",1263            "referential_label": "ISO 27701",
1264            "uuid": "d313624f-8213-4f20-b536-b859e8b8c429"1264            "uuid": "d313624f-8213-4f20-b536-b859e8b8c429"
1265        },1265        },
1266        {1266        {
1267            "category": "Systems acquisition development and maintenance",1267            "category": "Systems acquisition development and maintenance",
1268            "code": "6.11.2.9",1268            "code": "6.11.2.9",
1269            "label": "System acceptance testing",1269            "label": "System acceptance testing",
1270            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1270            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1271            "referential_label": "ISO 27701",1271            "referential_label": "ISO 27701",
1272            "uuid": "d3f5b543-cd6b-4645-8395-e9d00cfdbeb6"1272            "uuid": "d3f5b543-cd6b-4645-8395-e9d00cfdbeb6"
1273        },1273        },
1274        {1274        {
1275            "category": "Obligations to PII principals",1275            "category": "Obligations to PII principals",
1276            "code": "A.7.3.5",1276            "code": "A.7.3.5",
1277            "label": "Providing mechanism to object to PIIprocessing",1277            "label": "Providing mechanism to object to PIIprocessing",
1278            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1278            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1279            "referential_label": "ISO 27701",1279            "referential_label": "ISO 27701",
1280            "uuid": "d462468f-b212-4c90-aed2-18dc60db95ce"1280            "uuid": "d462468f-b212-4c90-aed2-18dc60db95ce"
1281        },1281        },
1282        {1282        {
1283            "category": "Conditions for collection and processing",1283            "category": "Conditions for collection and processing",
1284            "code": "B.8.2.1",1284            "code": "B.8.2.1",
1285            "label": "Customer agreement",1285            "label": "Customer agreement",
1286            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1286            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1287            "referential_label": "ISO 27701",1287            "referential_label": "ISO 27701",
1288            "uuid": "d5cde1bc-d630-4a7e-b7c0-04dbae6bff30"1288            "uuid": "d5cde1bc-d630-4a7e-b7c0-04dbae6bff30"
1289        },1289        },
1290        {1290        {
1291            "category": "Communication security",1291            "category": "Communication security",
1292            "code": "6.10.2.1",1292            "code": "6.10.2.1",
1293            "label": "Information transfer policies and procedures",1293            "label": "Information transfer policies and procedures",
1294            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1294            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1295            "referential_label": "ISO 27701",1295            "referential_label": "ISO 27701",
1296            "uuid": "d649f805-1142-4fcf-a119-ae76f392708a"1296            "uuid": "d649f805-1142-4fcf-a119-ae76f392708a"
1297        },1297        },
1298        {1298        {
1299            "category": "PII sharing transfer and disclosure",1299            "category": "PII sharing transfer and disclosure",
1300            "code": "B.8.5.4",1300            "code": "B.8.5.4",
1301            "label": "Notification of PII disclosure requests",1301            "label": "Notification of PII disclosure requests",
1302            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1302            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1303            "referential_label": "ISO 27701",1303            "referential_label": "ISO 27701",
1304            "uuid": "d9273c35-a712-46b9-9754-b96cb49d2332"1304            "uuid": "d9273c35-a712-46b9-9754-b96cb49d2332"
1305        },1305        },
1306        {1306        {
1307            "category": "Conditions for collection and processing",1307            "category": "Conditions for collection and processing",
1308            "code": "B.8.2.6",1308            "code": "B.8.2.6",
1309            "label": "Records related to processing PII",1309            "label": "Records related to processing PII",
1310            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1310            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1311            "referential_label": "ISO 27701",1311            "referential_label": "ISO 27701",
1312            "uuid": "d9a470ad-a071-4ace-9662-8dc18a96b361"1312            "uuid": "d9a470ad-a071-4ace-9662-8dc18a96b361"
1313        },1313        },
1314        {1314        {
1315            "category": "Operations security",1315            "category": "Operations security",
1316            "code": "6.9.4.4",1316            "code": "6.9.4.4",
1317            "label": "Clock synchronisation",1317            "label": "Clock synchronisation",
1318            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1318            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1319            "referential_label": "ISO 27701",1319            "referential_label": "ISO 27701",
1320            "uuid": "d9e0e545-7b42-4899-8e56-7f9fc6fce85f"1320            "uuid": "d9e0e545-7b42-4899-8e56-7f9fc6fce85f"
1321        },1321        },
1322        {1322        {
1323            "category": "Physical and environment security",1323            "category": "Physical and environment security",
1324            "code": "6.8.2.8",1324            "code": "6.8.2.8",
1325            "label": "Unattended user equipment",1325            "label": "Unattended user equipment",
1326            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1326            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1327            "referential_label": "ISO 27701",1327            "referential_label": "ISO 27701",
1328            "uuid": "d9e2a570-4155-4970-88d7-809179ac7f31"1328            "uuid": "d9e2a570-4155-4970-88d7-809179ac7f31"
1329        },1329        },
1330        {1330        {
1331            "category": "Privacy by design and privacy by default",1331            "category": "Privacy by design and privacy by default",
1332            "code": "A.7.4.8",1332            "code": "A.7.4.8",
1333            "label": "Disposal",1333            "label": "Disposal",
1334            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1334            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1335            "referential_label": "ISO 27701",1335            "referential_label": "ISO 27701",
1336            "uuid": "db2c9e1b-aac1-418c-911e-00eb01cdef6c"1336            "uuid": "db2c9e1b-aac1-418c-911e-00eb01cdef6c"
1337        },1337        },
1338        {1338        {
1339            "category": "PII sharing transfer and disclosure",1339            "category": "PII sharing transfer and disclosure",
1340            "code": "B.8.5.7",1340            "code": "B.8.5.7",
1341            "label": "Engagement of a subcontractor to process PII",1341            "label": "Engagement of a subcontractor to process PII",
1342            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1342            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1343            "referential_label": "ISO 27701",1343            "referential_label": "ISO 27701",
1344            "uuid": "dccd6bfd-aff7-4b01-8004-4d7eb3348484"1344            "uuid": "dccd6bfd-aff7-4b01-8004-4d7eb3348484"
1345        },1345        },
1346        {1346        {
1347            "category": "Physical and environment security",1347            "category": "Physical and environment security",
1348            "code": "6.8.2.1",1348            "code": "6.8.2.1",
1349            "label": "Equipment siting and protection",1349            "label": "Equipment siting and protection",
1350            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1350            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1351            "referential_label": "ISO 27701",1351            "referential_label": "ISO 27701",
1352            "uuid": "dcf6c663-23fc-450b-8d46-be3c48bc049a"1352            "uuid": "dcf6c663-23fc-450b-8d46-be3c48bc049a"
1353        },1353        },
1354        {1354        {
1355            "category": "Information security incident management",1355            "category": "Information security incident management",
1356            "code": "6.13.1.5",1356            "code": "6.13.1.5",
1357            "label": "Response to information security incidents",1357            "label": "Response to information security incidents",
1358            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1358            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1359            "referential_label": "ISO 27701",1359            "referential_label": "ISO 27701",
1360            "uuid": "dd2c4b83-0077-4f70-99b1-74127969c19b"1360            "uuid": "dd2c4b83-0077-4f70-99b1-74127969c19b"
1361        },1361        },
1362        {1362        {
1363            "category": "Human resources security",1363            "category": "Human resources security",
1364            "code": "6.4.3.1",1364            "code": "6.4.3.1",
1365            "label": "Termination or change of employment responsibilities",1365            "label": "Termination or change of employment responsibilities",
1366            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1366            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1367            "referential_label": "ISO 27701",1367            "referential_label": "ISO 27701",
1368            "uuid": "dd48169a-e980-4e58-804b-fb283786415c"1368            "uuid": "dd48169a-e980-4e58-804b-fb283786415c"
1369        },1369        },
1370        {1370        {
1371            "category": "Communication security",1371            "category": "Communication security",
1372            "code": "6.10.1.1",1372            "code": "6.10.1.1",
1373            "label": "Network controls",1373            "label": "Network controls",
1374            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1374            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1375            "referential_label": "ISO 27701",1375            "referential_label": "ISO 27701",
1376            "uuid": "de3adccd-edfe-4379-9b4a-f8243baa6afc"1376            "uuid": "de3adccd-edfe-4379-9b4a-f8243baa6afc"
1377        },1377        },
1378        {1378        {
1379            "category": "PII sharing transfer and disclosure",1379            "category": "PII sharing transfer and disclosure",
1380            "code": "A.7.5.4",1380            "code": "A.7.5.4",
1381            "label": "Records of PII disclosure to third parties",1381            "label": "Records of PII disclosure to third parties",
1382            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1382            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1383            "referential_label": "ISO 27701",1383            "referential_label": "ISO 27701",
1384            "uuid": "df68917b-f26e-4511-92c1-3b77be11df0f"1384            "uuid": "df68917b-f26e-4511-92c1-3b77be11df0f"
1385        },1385        },
1386        {1386        {
1387            "category": "Privacy by design and privacy by default",1387            "category": "Privacy by design and privacy by default",
1388            "code": "A.7.4.7",1388            "code": "A.7.4.7",
1389            "label": "Retention",1389            "label": "Retention",
1390            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1390            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1391            "referential_label": "ISO 27701",1391            "referential_label": "ISO 27701",
1392            "uuid": "e1ea896d-cf46-4a7a-a1ad-a4c3ea188866"1392            "uuid": "e1ea896d-cf46-4a7a-a1ad-a4c3ea188866"
1393        },1393        },
1394        {1394        {
1395            "category": "Obligations to PII principals",1395            "category": "Obligations to PII principals",
1396            "code": "B.8.3.1",1396            "code": "B.8.3.1",
1397            "label": "Obligations to PII principals",1397            "label": "Obligations to PII principals",
1398            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1398            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1399            "referential_label": "ISO 27701",1399            "referential_label": "ISO 27701",
1400            "uuid": "e7247cf7-a80b-4f1d-a32b-9ddd79a84371"1400            "uuid": "e7247cf7-a80b-4f1d-a32b-9ddd79a84371"
1401        },1401        },
1402        {1402        {
1403            "category": "Physical and environment security",1403            "category": "Physical and environment security",
1404            "code": "6.8.2.3",1404            "code": "6.8.2.3",
1405            "label": "Cabling security",1405            "label": "Cabling security",
1406            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1406            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1407            "referential_label": "ISO 27701",1407            "referential_label": "ISO 27701",
1408            "uuid": "e7f6a752-9122-47cd-a52b-6c6ee7e182f5"1408            "uuid": "e7f6a752-9122-47cd-a52b-6c6ee7e182f5"
1409        },1409        },
1410        {1410        {
1411            "category": "Actions to address risks and opportunities",1411            "category": "Actions to address risks and opportunities",
1412            "code": "5.4.1.3",1412            "code": "5.4.1.3",
1413            "label": "Information Security Risk Treatment",1413            "label": "Information Security Risk Treatment",
1414            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1414            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1415            "referential_label": "ISO 27701",1415            "referential_label": "ISO 27701",
1416            "uuid": "e9ba3458-e01f-43e0-9883-7b53a2c8b1a3"1416            "uuid": "e9ba3458-e01f-43e0-9883-7b53a2c8b1a3"
1417        },1417        },
1418        {1418        {
1419            "category": "Access control",1419            "category": "Access control",
1420            "code": "6.6.2.6",1420            "code": "6.6.2.6",
1421            "label": "Removal or adjustment of access rights",1421            "label": "Removal or adjustment of access rights",
1422            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1422            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1423            "referential_label": "ISO 27701",1423            "referential_label": "ISO 27701",
1424            "uuid": "ea2ec9a6-269a-4e38-a90c-381528893d06"1424            "uuid": "ea2ec9a6-269a-4e38-a90c-381528893d06"
1425        },1425        },
1426        {1426        {
1427            "category": "Organisation of information security",1427            "category": "Organisation of information security",
1428            "code": "6.3.1.3",1428            "code": "6.3.1.3",
1429            "label": "Contact with authorities",1429            "label": "Contact with authorities",
1430            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1430            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1431            "referential_label": "ISO 27701",1431            "referential_label": "ISO 27701",
1432            "uuid": "ea53cbc7-bec8-472b-9468-6389ea53e786"1432            "uuid": "ea53cbc7-bec8-472b-9468-6389ea53e786"
1433        },1433        },
1434        {1434        {
1435            "category": "Operation",1435            "category": "Operation",
1436            "code": "5.6.3",1436            "code": "5.6.3",
1437            "label": "Information security risk treatment",1437            "label": "Information security risk treatment",
1438            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1438            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1439            "referential_label": "ISO 27701",1439            "referential_label": "ISO 27701",
1440            "uuid": "ec5da672-3770-4120-a041-b61b09b84757"1440            "uuid": "ec5da672-3770-4120-a041-b61b09b84757"
1441        },1441        },
1442        {1442        {
1443            "category": "Physical and environment security",1443            "category": "Physical and environment security",
1444            "code": "6.8.2.6",1444            "code": "6.8.2.6",
1445            "label": "Security of equipment and assets off-premises",1445            "label": "Security of equipment and assets off-premises",
1446            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1446            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1447            "referential_label": "ISO 27701",1447            "referential_label": "ISO 27701",
1448            "uuid": "edebd5a7-ebb3-4942-8b72-60293b1ec524"1448            "uuid": "edebd5a7-ebb3-4942-8b72-60293b1ec524"
1449        },1449        },
1450        {1450        {
1451            "category": "Operation",1451            "category": "Operation",
1452            "code": "5.6.1",1452            "code": "5.6.1",
1453            "label": "Operational planning and control",1453            "label": "Operational planning and control",
1454            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1454            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1455            "referential_label": "ISO 27701",1455            "referential_label": "ISO 27701",
1456            "uuid": "ee177f90-a062-4d24-aea7-a7e1098ad3e4"1456            "uuid": "ee177f90-a062-4d24-aea7-a7e1098ad3e4"
1457        },1457        },
1458        {1458        {
1459            "category": "Physical and environment security",1459            "category": "Physical and environment security",
1460            "code": "6.8.2.2",1460            "code": "6.8.2.2",
1461            "label": "Supporting utilities",1461            "label": "Supporting utilities",
1462            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1462            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1463            "referential_label": "ISO 27701",1463            "referential_label": "ISO 27701",
1464            "uuid": "f08bfc02-4466-4378-ac24-73247e695667"1464            "uuid": "f08bfc02-4466-4378-ac24-73247e695667"
1465        },1465        },
1466        {1466        {
1467            "category": "Systems acquisition development and maintenance",1467            "category": "Systems acquisition development and maintenance",
1468            "code": "6.11.2.4",1468            "code": "6.11.2.4",
1469            "label": "Restrictions on changes to software packages",1469            "label": "Restrictions on changes to software packages",
1470            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1470            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1471            "referential_label": "ISO 27701",1471            "referential_label": "ISO 27701",
1472            "uuid": "f1645c93-2336-4729-9c68-dc77341e7112"1472            "uuid": "f1645c93-2336-4729-9c68-dc77341e7112"
1473        },1473        },
1474        {1474        {
1475            "category": "Compliance",1475            "category": "Compliance",
1476            "code": "6.15.1.1",1476            "code": "6.15.1.1",
1477            "label": "Identification of applicable legislation and contractual requirements",1477            "label": "Identification of applicable legislation and contractual requirements",
1478            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1478            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1479            "referential_label": "ISO 27701",1479            "referential_label": "ISO 27701",
1480            "uuid": "f3db84e6-5546-48db-bd12-86b56490ace5"1480            "uuid": "f3db84e6-5546-48db-bd12-86b56490ace5"
1481        },1481        },
1482        {1482        {
1483            "category": "Access control",1483            "category": "Access control",
1484            "code": "6.6.1.2",1484            "code": "6.6.1.2",
1485            "label": "Access to networks and network services",1485            "label": "Access to networks and network services",
1486            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1486            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1487            "referential_label": "ISO 27701",1487            "referential_label": "ISO 27701",
1488            "uuid": "f943a311-075b-4282-bf24-cf36b7aff54d"1488            "uuid": "f943a311-075b-4282-bf24-cf36b7aff54d"
1489        },1489        },
1490        {1490        {
1491            "category": "Physical and environment security",1491            "category": "Physical and environment security",
1492            "code": "6.8.2.5",1492            "code": "6.8.2.5",
1493            "label": "Removal of assets",1493            "label": "Removal of assets",
1494            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1494            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1495            "referential_label": "ISO 27701",1495            "referential_label": "ISO 27701",
1496            "uuid": "f98a71be-5dd2-4124-82d5-1a533516c8a3"1496            "uuid": "f98a71be-5dd2-4124-82d5-1a533516c8a3"
1497        },1497        },
1498        {1498        {
1499            "category": "Communication security",1499            "category": "Communication security",
1500            "code": "6.10.1.2",1500            "code": "6.10.1.2",
1501            "label": "Security of network services",1501            "label": "Security of network services",
1502            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1502            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1503            "referential_label": "ISO 27701",1503            "referential_label": "ISO 27701",
1504            "uuid": "fae6cccf-0765-4894-9914-5983325e39e1"1504            "uuid": "fae6cccf-0765-4894-9914-5983325e39e1"
1505        },1505        },
1506        {1506        {
1507            "category": "Conditions for collection and processing",1507            "category": "Conditions for collection and processing",
1508            "code": "A.7.2.7",1508            "code": "A.7.2.7",
1509            "label": "Joint PII controller",1509            "label": "Joint PII controller",
1510            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1510            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1511            "referential_label": "ISO 27701",1511            "referential_label": "ISO 27701",
1512            "uuid": "fcd65733-75b3-4c48-b066-783a2766fa71"1512            "uuid": "fcd65733-75b3-4c48-b066-783a2766fa71"
1513        },1513        },
1514        {1514        {
1515            "category": "Asset Management",1515            "category": "Asset Management",
1516            "code": "6.5.3.1",1516            "code": "6.5.3.1",
1517            "label": "Management of removable media",1517            "label": "Management of removable media",
1518            "referential": "f65b378c-ab20-4651-825b-4da34944b519",1518            "referential": "f65b378c-ab20-4651-825b-4da34944b519",
1519            "referential_label": "ISO 27701",1519            "referential_label": "ISO 27701",
1520            "uuid": "fe333449-ff0e-46ff-845a-deace938868b"1520            "uuid": "fe333449-ff0e-46ff-845a-deace938868b"
1521        }1521        }
1522    ],1522    ],
1523    "version": 1,1523    "version": 1,
1524    "version_ext": "2019"1524    "version_ext": "2019"
1525}1525}