ISO 27001 - Control 5.17  - Authentication Information Control 5.17 Wording Control 5.17 - Authentication Information states "Allocation and management of authentication information should be controlled by a management process, including advising personnel on the appropriate handling of authentication information." What this means Control 5.17 aims to ensure that your organisation has in place proper rules for creating, giving out, and looking after login details like passwords, PINs, and access codes. This matters because the organisation needs to make sure that only the right people [...]