Earlier on, in February, I wrote the article "ISO 27002:2021(?) Change is coming", expecting an update of the ISO standard around October 2021. October passed and the new publication date is rumored to be around February 2022.

ISO 27002:2022 will get a major overhaul with regard to how the control chapters are organized:

- The term "Code of Practice" has been dropped to better reflect that it is a reference set of security controls rather than a checklist.
- ISO 27002:2013 chapters A5 to A18 will be replaced by 4 chapters:
  - Chapters 5-8 will cover Organizational, People, Physical and Technological controls respectively.
- The number of controls will decrease from 114 to 93.
  - This is mostly reached by consolidation of controls.
- There will be 11 new controls as part of the 93.
- Control attributes and views are introduced to differentiate per perspective.

All ISO standards are subject to periodic review at least every five years. Where ISO 27001:2013 was last reviewed and (re-)confirmed in 2019, ISO 27002 will see change this year. The change follows ISO's observation, dating back to as early as 2018, that an update of ISO 27002 would be needed. However, the change was not ready to alter Annex A of ISO 27001 in 2019.

The ever-growing threat landscape, vulnerabilities like Log4J and the rapid growth of digital technology create the need to update ISO 27002.