Comparison of ISO 27001 versions


ISO 27001 is an international standard for information security management systems (ISMS). It defines how companies should plan, implement, monitor and improve their information security. ISO 27001 is updated regularly. This article compares the 2013 version of ISO 27001 with the 2022 version.

ISO 27001 Version of 2013 vs. 2022

The following is an overview of the new features of the 2022 version.

ISO 27001:2022

  • contains a new structure that is based on the high-level structure (HLS) of the ISO standards. This is intended to facilitate integration with other management system standards.
  • contains new terminology and redefines terms such as “risk”, “vulnerability” and “threat”.
  • places greater emphasis on the concept of risk management and introduces a new risk assessment method.
  • introduces the concept of “behavioral security”, which emphasizes the influence of behavior and culture on information security.
  • emphasizes the importance of communication and commitment of managers in the implementation of the ISMS.
  • introduces the concept of “organizational resilience”, which describes a company’s ability to adapt to change and manage risks.
  • introduces a new requirement for companies to publish a “Security Statement” in which they describe their security objectives and measures.

Summary

Overall, ISO 27001:2022 is an updated version of the standard that is geared towards the changing needs and requirements in the area of information security. It places greater emphasis on the concept of risk management and introduces new concepts such as “behavioral security” and “organizational resilience”. Companies that have already implemented the standard should familiarize themselves with the changes and adapt their ISMS accordingly.

ISO 27001 as a Service

Do you need support in updating or implementing the ISO 27001 standard? We guide you cost-efficiently on the fast lane to ISO 27001 certification!
