– Information technology — Security techniques — Guidelines for the assessment of information security controls
The standard outlines various ways to validate controls, which can include: ISO International Management Systems Institute Podcast iso 27008