ISO/IEC 27008 is a standard published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). The standard is part of the ISO/IEC 27000 family of standards, which focuses on information security management. Specifically, ISO/IEC 27008 provides guidance on the review of information security controls, including the audit of information security management systems (ISMS).
To learn more about ISO/IEC 27008 and start implementing its guidelines, download the standard in PDF format from the ISO or IEC websites.
You can find more information about this standard here: https://www.iso.org/standard/67492.html