Safely facing the future with the new ISO/IEC 27001

10/2/2023

The ISO/IEC 27001 standard for information security and cybersecurity has been revised. The significant increase in cyberattacks makes this information security management system (ISMS) invaluable for organisations that want to get and keep their information security in order, because secure information is vital in today's increasingly digital world.

What is ISO/IEC 27001?

ISO/IEC 27001 contains the requirements to establish, implement, maintain and improve an information security management system in your organisation.

For this purpose, ISO/IEC 27001 Annex A uses the security controls from the ISO/IEC 27002 code of practice for information security controls.

What has changed in this new version?

  • Annex A contained 114 controls in 14 domains. The restructured 2022 version has 93 controls divided into 4 main domains. Some controls have been merged, while others are new and may require modification of your existing system.
  • The updated standard is now in line with the Harmonized Structure (HS) for management system standards.

The new ISO/IEC 27001:2022 standard contains some additional minor changes:

  • The sections on ‘stakeholders’, ‘scope’, ‘risk treatment’ and ‘operational planning’ have been refined.
  • A section on ‘change management’ was added.
  • The ‘audit programme’ and ‘input/output’ sections have been split.

Transition period for certified companies

Organisations with ISO/IEC 27001 certification will have the opportunity to incorporate the changes and adapt their ISMS accordingly. There is a three-year transition period for organisations to do this. This means that the changes will have no impact on current certification.

Essential for IT

ISO/IEC 27001 has become the common international language for IT security across all industry sectors. The standard is used for risk management, cyber resilience and operational excellence.

Properly applied, this cybersecurity standard is a roadmap to information security excellence. It’s therefore the foundation for building and managing a secure future.

Want to buy the new standard?

The updated information security standard is available in our e-shop.

Want to know more about information security?

We’ve created a handy overview of everything you need to know about ISO/IEC 27001, the international standard for information security.
