ISO 27000 Series Update for ISMS

Publish Date: Wednesday, May 11, 2022
Abstract: 

The ISO/IEC 27000-series standards provide an information security framework designed to assist organizations in managing cyber-attack risks and improving their information security practices. They do this by setting out information security management system (ISMS) requirements and guidance, providing a systematic approach to risk management that focuses on people, processes, and technology. At the heart of this series is the ISO/IEC 27001 standard with its ISO/IEC 27002 companion, which are used internationally by organizations seeking to certify their ISMS. With the February 2022 publication of the third edition of ISO/IEC 27002, the stage has been set for a wave of changes for the ISO/IEC 27000-series that will also impact ISO/IEC 27001 certifications.

This session will highlight the changes in the third edition of ISO/IEC 27002 and explain the ramifications for the entire series, including anticipated timelines. The last such changes in 2013 had a significant impact on the security community, and early indications are that the new ISMS requirements and guidance are non-trivial changes.
