This paper aims to identify the controls provisioned in ISO/IEC 27001:2013 and ISO/IEC 27002:2013 that need to be extended to adequately meet, data protection requirements
The protection of personal data in the cyberspace has been an issue of concern for quite some time. However, with the revolutions in information technology,