Vinsys
toggle
close
    • blog
    • new in iso 27001 2022 standard
    blog image

    What is new in ISO/IEC 27001: 2022 Standard?

    Share Now
    Last Modified:09th September, 2024

    The latest and enhanced ISO/IEC 27001 versions were released recently to meet the increasing challenges in the domain of cybersecurity and boost digital reliability. The famous standard across the globe on information security management assists organizations in safeguarding the digital infrastructure, which is crucial in the modern digital world. 

    ISO/IEC 27001: 2022 Standard

    If you have the responsibility to manage information security, the latest ISO/IEC 27001: 2022 standard release needs you to execute the changes to make that you can have constant compliance and can seamlessly manage your posture of information security with the best business practices and incidental threats through digitization. Even if you have already taken the ISO 27001 : 2022 certification training but you will surely need the assistance for the latest version.

    What is new in The ISO 27001: 2022 Standard? 

    Various changes are editorial in the new version, such as altering the "global standard" to "doc" entirely and phrase rearrangement to enable them for smooth global translation. 

    Changes have also been made to line up with the ISO systematized methodologies. 

    1. Re-structuring of numbers: 

    Need of the process definition required to execute the ISMS and its aligned interactions. The definite requirement is to clear roles in the organization for information security inside the organization. 

    2. Planning of Changes: Latest Clause 6.3 - 

    A latest need to make sure that the organization directs the communication know-how, as clause 7.4 part. Also, organizations need to create the scenario for the process' implement control and operational process. 

    The fundamental alteration, however, implements upgrades to the current controls, according to Annex A, to associate the standard seamlessly with the recent changes for ISO/IEC 27002, which are cybersecurity, information security and privacy protection. 

    The updates of the ISO/IEC 27001: 2022 also look upon the risk management enhanced more and more over organizational operations. Henceforth, the new version is more about making information security more direct for the professionals to monitor and analyze the security control properly. 

    3. Understanding the fundamental changes in Annex A Controls in ISO 27001: 2022 - 

    The control numbers have been lowered to 93 from 114. A few controls are removed, the other 24 have been merged, and 58 have been altered. 11 advanced control of security have been added, created to meet the changing information security and cybersecurity landscape, which are as follows: 

    • A.5.7 Threat intelligence 
      • A.5.23 Information security for the use of cloud services 
      • A.5.30 ICT readiness for business continuity 
      • A.7.4 Physical security monitoring 
      • A.8.9 Configuration management 
      • A.8.10 Information deletion 
      • A.8.11 Data masking 
      • A.8.12 Data leakage prevention 
      • A.8.16 Monitoring tasks 
      • A.8.23 Web filtering 
      • A.8.28 Secure coding  

    Henceforth, you can upscale the system of management for seamless work of ISMS and better associate with the advanced context of risks related to security risks and businesses. 

    The structure is derived from four core areas. 

    • Technological 
    • Physical 
    • People
    • Organizational 

    This contradicts the earlier 14 areas which formulated the standard's earlier version. 

    The new attribute concepts have been brought up: 

    Connected with the most used terminology leverage within digital protection, five new attributes have been initiated: 

    • Cybersecurity concepts 
    • Operational capabilities 
    • Control type 
    • Information security properties 
    • Security domains

    These will enable the businesses to know their present posture of security and motivate them to opt for the security practices and procedures which will enhance the business operations. 

    Empower your posture of information security with upskilling or cybersecurity professionals: 

    Businesses that opt for cyberspace transformation and change rapidly evolve as the market leader in the industry and leverage an edge in the market. The latest ISO/IEC 27002 makes sure that the entire organization covers under the cybersecurity umbrella. Upskill or reskill your professionals with Vinsys advanced ISO 27001 training online so that your information security team can better ensure their strategy, lower breaches risk and develop goodwill for your brand, which will ultimately lead to business growth. 

    Also Check , ISO 27001 Interview Questions and Answers

    Get in touch with us today!

    Cybersecurityinformation securityinformation security management systemsISO 27001 Latest Version 2022 Transition GuideISO/IEC 27001:2022Key changes of the new ISO/IEC 27001:2022privacy protectionWhen is ISO27001 being updated?
    Individual and Corporate Training and Certification Provider
    VinsysLinkedIn21 December, 2022

    Vinsys is a globally recognized provider of a wide array of professional services designed to meet the diverse needs of organizations across the globe. We specialize in Technical & Business Training, IT Development & Software Solutions, Foreign Language Services, Digital Learning, Resourcing & Recruitment, and Consulting. Our unwavering commitment to excellence is evident through our ISO 9001, 27001, and CMMIDEV/3 certifications, which validate our exceptional standards. With a successful track record spanning over two decades, we have effectively served more than 4,000 organizations across the globe.

    Let’s Talk
    India
    United Arab Emirates
    United States of America
    Saudi Arabia
    Qatar
    ©1998–2024 Vinsys | All Rights Reserved

    Follow Us:

    facebooktwitterlinkdinyoutube
    • Privacy Policy
    • Terms & Conditions
    X
    Select Language
    X
    ENQUIRE NOW