ISO 27001 - What changed?

What were the updates?
The update from ISO 27001:2013 to ISO 27001:2022 brings some long-awaited changes to the standard. However, these changes apply only to the controls listed in Annex A of ISO 27001, with no change in its requirements (clauses 4 to 10).
The changes were made with a view to simplifying the ISO 27001 implementation process. The previous 114 controls, some of them obsolete, were condensed into just 93, organized into 4 sections (replacing the 14 sections that existed previously). The lower number does not mean that controls were excluded from the standard; they were merged and reorganized. Additionally, 11 new controls were introduced.
For whom?
For organizations already certified in ISO 27001, the update to the standard means the certification must also be updated, in order to ensure compliance with the version of the standard in force. In these cases, since a lot of information is kept, the duration of the certification process will be significantly shorter.
For organizations that still intend to be certified, it remains feasible to start the implementation process based on the version still in force and make the necessary adjustments later.

Benefits
The advantages of ISO 27001 certification remain:
Quality: Business efficiency gains
Costs: Reduction of expenses with IT
Internationalization: Increased competitiveness
Security: GDPR compliance