M 1 Common aspects

B 1.0 Security management

B 1.1 Organisation

B 1.2 Personnel

B 1.3 Business continuity management

B 1.4 Data backup policy

B 1.5 Data protection

B 1.6 Protection against malware

B 1.7 Crypto-concept

B 1.8 Handling security incidents

B 1.9 Hard- and Software-Management

B 1.10 Standard software

B 1.11 Outsourcing

B 1.12 Archiving

B 1.13 Information security awareness and training

B 1.14 Patch and change management

B 1.15 Deleting and destroying data

B 1.16 Compliance management