On 15 February 2022, the ISO 27002 Standard (which provides guidelines on selecting, implementing and managing information security controls) was updated, providing some significant changes from the ISO 27002:2013 Standard. On 25 October 2022, ISO 27001:2022 was published with its Annex A incorporating all the 27002 Controls. There were also a number of changes to the main management system clauses aimed at making some requirements more explicit and also aligning more closely with other annex SL standards, such as ISO 9001 and ISO 22301.

By attending this 2-day online course, you will not only learn what the key changes are to the Annex A controls and management system clauses, but more importantly, how to transition from ISO 27001:2013 to ISO 27001:2022. On day 1 you will be introduced to the key changes to ISO 27002:2022 including the 4 new themes, the new/merged and updated controls, along with the new ‘attributes’ feature. On day 2, having addressed the changes to the management system clauses, the primary focus will be on how to update your risk assessment and Statement of Applicability, along with the different approaches you can take to transitioning to the new control set. You will also learn how to use, link and present the new attributes.

‍

Would thoroughly recommend URM.

PCIRM Course Attendee

in association with