The International Organization Standardisation (ISO) has published an updated version of ISO/IEC 27001 which is now titled:
Information Security, Cybersecurity and Privacy Protection
The amended title really highlights the importance of Cyber Resilience to organisations.
The biggest change to the standard is to Annex A where a number of controls have been merged and renamed (which has also resulted in a decrease in the number of controls from 114 to 93). This has allowed improved alignment with the latest version of ISO 27002 which was published earlier this year.
It is likely that certification bodies will be able to assess against the new standard in the first half of 2023 although this timing will be dependent on UKAS.
Vassallo Associates can assist you with consultancy services for the implementation of ISO 27001 which can include internal and external support, managing the costs of the standard, assistance with the domains and controls required for the implementation as well as advice on certification bodies. Please download our free 22-page Information Security Management Guide and do not hesitate to contact us for an initial, no-obligation consultation.
