Page 143 mentions the five elements within the framework are as follows:
However the book actually mentions 6:
1. Control
2. Plan
3. Implement
4. Evaluation (should be evaluate – see figure 4.26)
5. Maintain
6. Security governance
This would make the ISMS (figure 4.26) either incomplete or wrong