A.5.28 — Collection of evidence

This control ensures evidence is collected and preserved during security incidents to support investigations. Measures include chain-of-custody procedures, secure storage, and access controls.

Property	Value
Section	process
Owner	platform

Mapped Controls

Control	Title
SID-AUDIT-01	Structured Security Event Logging

Source: ISO/IEC 27001:2022 Annex A

Mapped Controls

Mapped Controls​

Mapped Controls