Safeguards or countermeasures to avoid, detect, counteract, or minimize security risks. They may be referred to as clauses in ISO.
A5. Management direction for information security
A6. Organization of information security
A7. human resource security
A8. Asset Management
A9. Access Control
A10. Cryptography
A11. Physical and Environmental security
A12. Operation security
A13. Communication Security
A14. Systems acquisition, Development and Maintenance
A15. Supplier Relationships
A16. Information Security Incident Management
A17. Information Security Aspects of Business Continuity
A18. Compliance
A5. Organizational Controls
A6. People Controls
A7. Physical Controls
A8. Technological Controls