1.Audit Assurance and compliance.
2.Application and Interface security.
3.Business Continuity Management and Operational Resilience.
4.Change control and configuration management
5.Data center security
6.Data security and Information lifecycle management
7.Encryption and key management
8.Governance and Risk management
9.Human Resources.
10.Identity and Access management
11.Interoperability and Portability
12.Infrastructure and virtualization security
13.Security Incident Management,e-discovery,cloud Forensics.
14.Threat and Vulnerability management
15.Supply chain management,Transparency and Accountability