This document provides guidance on the enterprise protective security architecture and the framework of protective security policies, processes and types of controls necessary to mitigate and manage security risks across the protective security domains, including:
a)    security governance;
b)    personnel security;
c)    information security;
d)    cybersecurity;
e)    physical security.
This document is applicable for any organization.

ISO 22340:2024

Security and resilience - Protective security - Guidelines for an enterprise protective security architecture and framework