DISC's ISO 27001 assessment is performed to measure conformance with ISO 27001 specification requirements and ISO 27002
controls.
The number of security controls in new version of ISO 27002:2022 has decreased from 114 controls in 2013 edition to 93 controls in the 2022
edition. Eliminating risk is seldom a viable option in practice: risk management and
reduction is the aim.
ISO 27002:2022 Compliance per category
DISC ISO 27K assessment include but not limited to the following:
Free assessment of one key objective of your choice - Contact us to book an appointment
The core section of the standard retains its 11 clauses with minor modifications, while significant structural revisions have been implemented in the Annex A controls. Control categories have been
rearranged, resulting in a reduction in the total number of controls. Broadly speaking, 11 new controls have been added, 57 controls have been consolidated, 23 controls have been rebranded, and three
controls have been eliminated. The introduction of these 11 new controls underscores the heightened significance of Cloud, DevOps, and Personal Information, which have evolved over the past
decade.
- A.5.7 Threat
intelligence
- A.5.23
Information security for the use of cloud services
- A.5.30 ICT
readiness for business continuity
- A.7.4 Physical
security monitoring
- A.8.9
Configuration management
- A.8.10
Information deletion
- A.8.11 Data
masking
- A.8.12 Data
leakage prevention
- A.14.1.4 Secure
development policy
- A.16.2.4
Security of supplier services
- A.18.2.3
Protection of personal information in public clouds
ISO 27002:2022 has three control types, #Preventive, #Corrective and #Detective. Some of these controls share more than one control
types. There are total 12 Detective, 13 Corrective, and 83 Preventive controls and 15 controls (12+13+83
= 108 -15 = 93) which share more than one control type in ISO 27002:2022 latest guidance. If you like to know more about how and when to start complying with new and latest control
guidance, please contact us to book an appointment to discuss
the details, how DISC llc can assist your organization with ISO 27001 compliance or certification plans.
To download and review the standard: COPYRIGHT PROTECTED DOCUMENT
DISC llc gap assessment for ISO 27001 & ISO 27002 2013/2022 includes 5 level rating (CMMI) matrix of your choice for
each control, category and domain. Our transition plan (strategy roadmap) will enumerate the details of how to get
from as-is state to to-be state.
Start your ISMS project with ISO27001 2013 Documentation Toolkit
ISO/IEC 27001 2022 Gap Analysis Tool (Download)
Our approach to ISO 27001 Internal
Audit
ISO/IEC 27001 Certifications of
individuals
Download ISO27000 family of information security standards today!
Capability Maturity Model Integration (CMMI) to ISO 27002
vciso, ISO 27001, Infosec, Security compliance, Security risk assessment, DISC InfoSec, Vendor risk assessment, vciso services, virtual ciso, Cybersecurity risk management, information security
threats, Cyber security risk assessment companies, ISO 27001 risk management, ISO isms, ISO it security, ISMS risk management, Data security management system, Security threat information, Cyber data
security, ISMS consulting, Security awareness, ISMS certified,ISMS iimplementer