Skip to main content
Search by keyword

This SME Guide is based on ISO/IEC 27002 standard and outlines the essential controls for SMEs to protect user’s privacy and data and ensure GDPR compliance, and reach the essential level of protection via the implementation of cybersecurity standards.

Out of the 114 controls presented in the ISO/ICE 27002 standard, the guide presents 16 essential controls that SMEs need to implement to provide adequate protection for their digital assets.

The controls cover four main categories:

  • Personal
  • Organisational
  • Partially Organisational/Technical
  • Technical (ICT related)

In addition to raising awareness of cybersecurity, this implementation guide aims to contribute to the ongoing efforts to upgrade the digital intensity of SMEs. Cybersecurity SMEs can use this guide to tailor solutions for non-ICT SMEs and strengthen their security requirements, while upgrading their level of digital capabilities.

Skills intelligence publication details

Target audience
Digital skills for the labour force.
Digital skills for ICT professionals and other digital experts.
Digital technology / specialisation
Geographic scope - Country
Industry - field of education and training
Information and Communication Technologies (ICTs) not further defined
Geographical sphere
International initiative
Publication type
General guidelines