New version of ISO 27001 now available! Discover the new updates to the standard

The update from ISO 27001:2013 to ISO 27001:2022 brings some long-awaited changes to the standard. However, these changes only apply to the controls listed in Annex A of ISO 27001, with no change in its requirements (clauses 4 to 10).

The changes were prepared with a view to simplifying the ISO 27001 implementation process. The previous 114 controls, some of them obsolete, were condensed into just 93, organized into 4 sections (replacing the 14 sections that existed previously). The lower number does not mean that controls were excluded from the standard; they were merged and reorganized. Additionally, 11 new controls were introduced.

Organizations already certified in ISO 27001 will need to update their certification in order to ensure compliance with the version of the standard in force. In these cases, since a lot of information is kept, the duration of the certification process will be significantly shorter.

Organizations that still intend to be certified can feasibly start the implementation process based on the version still in force and make the necessary adjustments later.

The advantages of ISO 27001 certification remain:

  • Improvement in the organization's posture regarding information security;
  • Compliance with data protection regulations;
  • Business efficiency gains;
  • Reduction of IT expenses;
  • Increased competitiveness.

Strongstep stands out in helping your organization update its ISO 27001 certification.

We have a new, completely free assessment service.

If your company has not yet implemented the International Information Security Standard, please download our Ebook now and learn more about this service to improve your business.
