The ISO Review Podcast
The ISO Review Podcast is a production of SimplifyISO. In each episode, we share the latest in International Standards development. The podcast is your resource for getting the most out of your management systems. Your podcast hosts are Howard Fox & Jim Moran. Howard is a Business Coach and Host of the Success InSight Podcast. Jim is an ISO Management System Professional, celebrating 30-plus years delivering ISO support.
ISO 27001:2022 - Here's What to Look For...
Jim Moran / Howard Fox • Season 1 • Episode 9
In this episode, Howard and Jim review the changes in ISO 27001:2022, Information Security Management Systems Requirements.
Items discussed include:
- ISO 27001 - Information Security Management System was the pioneer in what was first known as the High Level Structure and is now called the Harmonized Structure, as it was developed for all the other standards to be built on.
- The breadth of changes in the Clauses:
  - 4.2 - Interested Parties (minor tweak);
  - 4.4 - Description of the Entire System (additional information added);
  - 6.1 - Risk Management (additional information and clarification);
  - 6.2 - Information Security Objectives (additional information and clarification);
  - 6.3 - Change Management (new clause);
  - 7.4 - Communication (minor tweak);
  - 8.1 - Operation Planning (rewritten);
  - 9.1 - Monitoring (additional information);
  - 9.2 - Internal Auditing (expanded with new information);
  - 9.3 - Management Review (expanded)
- Annex A - Controls. They have been reorganized from 14 categories to 4 categories and have been reduced from 114 controls to 93:
  - Clause 5 - Organization Controls (37)
  - Clause 6 - People Controls (8)
  - Clause 7 - Physical Controls (14)
  - Clause 8 - Technological Controls (34)
- ISO 27002, the guidance document for Annex A (more in the next episode!)
- The benefit of beginning recertification sooner rather than later
What's in Store For The Next Episode
- Our topic is ISO 27002:2022 - Security Techniques, the newly updated guidance document for ISO 27001:2022 Annex A
Next Steps
Click here to visit the SimplifyISO website to discover how this cloud-based management system will satisfy all the Standards requirements, client requirements, and any other ISO requirements that need to be met.
More about Jim Moran
- LinkedIn: https://www.linkedin.com/in/simplifyiso/
- LinkedIn Articles: https://www.linkedin.com/in/simplifyiso/detail/recent-activity/posts/
- YouTube: https://www.youtube.com/channel/UCrt2Hgj-5AjHKEvyf2ssZ8g
More about Howard
- Click here to learn more about the Coaching and Podcast Services provided by Fox Coaching, Inc.
- LinkedIn: https://www.linkedin.com/in/foxcoachinginc/