ISO 27001:2022 Twenty-Two Controls That Most Implementations Delegate to HR and Facilities. ISO 27001 Delegates Them to Nobody. They are Information Security Controls.
ISO 27001 Annex A.6 and A.7 controls are often treated as HR and Facilities tasks. This blog explains why they are ISMS controls requiring governance, ownership, and evidence.