Clause 6 of ISO 27001 concerns the organization of information security. It contains two main clauses - Clause A.6.1 deals with internal organization and defines information security roles, segregation of duties, and contacts with authorities and interest groups. Clause A.6.1 also requires information security to be addressed in project management. Clause A.6.2 concerns mobile devices and teleworking, requiring policies on mobile device and teleworking security including controls for access, backups, and encryption.