
The update from ISO 27001:2013 to ISO 27001:2022 brings some long-awaited changes to the standard. However, these changes only apply to the controls listed in Annex A of ISO 27001, with no change in its requirements (clauses 4 to 10).
The changes to the standard were prepared with a view to simplifying the ISO 27001 implementation process. The previous 114 controls, some of them obsolete, were condensed into just 93, organized into 4 sections (replacing the 14 sections that existed previously). The reduction in the number of controls does not mean that controls were excluded from the standard; they were merged and reorganized. Additionally, 11 new controls were introduced.
For organizations already certified in ISO 27001, the update to the standard means the certification must also be updated to ensure compliance with the version of the standard in force. In these cases, since much of the existing information is retained, the certification process will be significantly shorter.
For organizations that still intend to become certified, it remains feasible to start the implementation process based on the version still in force and make the necessary adjustments later.
The advantages of ISO 27001 certification remain:
Strongstep stands out in helping organizations update their ISO 27001 certification.
If your company has not yet implemented the International Information Security Standard, please download our Ebook now and learn more about this service to improve your business.