ISO/IEC 27002 has been updated in 2022. So, what’s changed?
This international standard of generic information security controls is widely used across the information security community as a benchmark for implementing good security practices, and has been largely unchanged since 2013. However, earlier this year the updated standard has had more than a facelift – it’s had a full makeover. Fundamentally there are three main changes, which I’ll go into.