The ISO/IEC 27001 standard for information security and cybersecurity has been revised. The significant increase in cyberattacks makes this information security management system (ISMS) invaluable for organisations that want to get and keep their information security in order, because secure information is vital in today's increasingly digital world.
ISO/IEC 27001 contains the requirements to establish, implement, maintain and improve an information security management system in your organisation.
For this purpose, ISO/IEC 27001 Annex A uses the security controls from the ISO/IEC 27002 code of practice for information security controls.
The new ISO/IEC 27001:2022 standard contains some additional minor changes:
Organisations with ISO/IEC 27001 certification will have the opportunity to incorporate the changes and adapt their ISMS accordingly. There is a three-year transition period for organisations to do this. This means that the changes will have no impact on current certification.
ISO/IEC 27001 has become the common international language for IT security across all industry sectors. The standard is used for risk management, cyber resilience and operational excellence.
Properly applied, this cybersecurity standard is a roadmap to information security excellence. It’s therefore the foundation for building and managing a secure future.
The updated information security standard is available in our e-shop.
We’ve created a handy overview of everything you need to know about ISO/IEC 27001, the international standard for information security.