3/24/2024 0 Comments Iso 27002![]() ![]() It is a list of possible information security controls with guidance for each control on how to implement it. However, the basic principle is the same. It also includes a number of new more “modern” controls – for example “cloud security”, “threat intelligence” and “web filtering”. It contains fewer controls (93 rather than 114) with some controls merged together and some split into two, etc. It remains to be seen how useful this is. if it is preventive or corrective, etc and if it is about confidentiality, integrity or availability, etc. The groupings of controls is different (4 rather than 14) and each control is tagged in various ways – e.g. In this respect it is just like any of the other control frameworks – e.g. This new version of ISO27002 is long overdue as the current version was published in 2013 and is now hopelessly out of date, A lot has changed in 8 years! Let us hope we don’t have to wait another 8 years for the next version.Īs with the previous version ISO27002 is designed to be standalone in that it can be used by organisations not interested in ISO27001 and who just want a set of possible information security controls to use in their organisation. This article gives a quick overview about the new versions of ISO27001 and ISO27002 due for release early 2022. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |