ISO 27002 has changed and that will also have consequences for ISO 27001.

The familiar set of Annex-A controls is being overhauled. From 14 to 4 chapters and from 114 to 93 controls. Attributes are also added for each control, such as #corrective or #integrity. Many old controls are reflected in the new standard, but controls have also been merged or are completely new.

YICE is fully prepared for the new standard, including the control attributes. Moreover, it is easy to make links between the old and new standard. This certainly comes in handy in a transition period. The advantage of the control attributes is that they can also be used in YICE to quickly find suitable controls for a certain risk, which saves a lot of searching. Useful!

Sooner or later the changes will have an impact on your ISO 27001 implementation and certification. Perhaps a good time to move to a robust GRC environment, such as YICE.

Curious? Let me know and we’ll make an appointment!