
Our first impression of the revised standard is that it provides a more straightforward structure that can be applied throughout an organisation and can now also be used to manage a broader risk profile.

The new ISO 27002:2022 revision was published on the 15th of February 2022. The ISO organisation hopes to improve the intent by providing a reference set for information security control objectives for use in context-specific information security, privacy and cyber security risk management. Changes in the compliance landscape, e.g. regulations such as GDPR (General Data Protection Regulation), POPIA (Protection of Personal Information Act), APPs (Australian Privacy Principles), the evolving business continuity, cyber risks and compliance challenges faced by organisations around the world and the introduction of ISO 27701 resulted in a need for ISO 27002 to broaden the scope of its controls from its original information security focus, to account for cyber security and information privacy and vulnerability management.

In ISO 27002:2022, the name of the standard has been changed. Instead of “Information technology – Security techniques – Code of practice for information security controls”, the name is now “Information security, Cybersecurity and privacy protection – Information security controls” in the 2022 revision.

ISO/IEC 27002 has been revised to update the information security controls to reflect developments and current information security practices in various sectors of businesses and governments. In this post, we will explain the main changes to the standard and how you can successfully approach them. There are a large number of standards and other similar security frameworks related to or based upon ISO 27002:2013. The change of this standard to a new version will impact them.

ISO 27002:2013 original scope

The primary purpose of ISO 27002:2013 was to provide a comprehensive information security and asset management program for any organisation that either needed a new information security management program or wanted to improve its existing information security policies and practices. The code of practice gave the recommendations for managing information security to those responsible for initiating, implementing and maintaining information security in an organisation.
