What is ISO/IEC 27001 Certification?
The global Cyber-security Outlook Report published by the World Economic Forum reports that cyber-attack incidents increased globally by 125% in 2021. Digital transformation and digital trust go hand in hand. An organization must enhance its digital resilience to increase digital trust.
ISO 27001 Certification is the most widely used standard for Information Security Management Systems (ISMS). It is a centrally managed framework for addressing cyber-security challenges and eliminating threats. Achieving an ISO 27001 Certificate demonstrates an organization’s commitment and ability to implement appropriate tools to protect users’ sensitive data and information.
ISO/IEC 27002 Certification is an integral part of ISO 27001 Certification. ISO 27001-certified organizations implement the Annex A controls, a list of 114 security controls, to eliminate threats and cyber-security risks. ISO 27002 Certification provides an extensive description of how to implement these 114 security controls within the organization.
What is the latest UPDATED version of ISO 27001?
We live in a digital world where everything can be found online, from a pin to your dream home. But this digital world has its own drawbacks, and it is necessary to address them accordingly. The International Organization for Standardization (ISO) has updated ISO 27001 Certification to manage the security threats that are introduced by this fast-changing world.
The NEW changes introduced by ISO 27001:2022 Certification are as follows:
• No changes were made to the actual clauses of ISO 27001 Certification, while the Annex A Controls (ISO 27002 Certification) have undergone major changes.
• The previous version of Annex A (ISO 27001:2013 Certification) consisted of 114 Security controls grouped into 14 domains.
• The ISO 27001:2022 Certification contains 93 security controls classified into four domains. It also added 11 new controls to Annex A. These are:
• The previous version required only policies, but the updated version requires an organization to document operating procedures too.
• The updated version offers clear guidance and a more comprehensive explanation of ISO 27001 Annex A Security Controls.
• ISO/IEC 27001:2022 Certification classifies security controls by five attributes. These are:
1. Control Type
2. Cyber-security Concept
3. Information Security Properties
4. Operational Capabilities
5. Security Domains