Information security management
What Is ISO 27001:2022?
In 2022 this standard was reissued as ISO/IEC 27001 Information Security Management.
This is a significant update providing more robust controls, enabling your organization to address increasingly sophisticated security risks, ensure business continuity, and gain a competitive advantage. Understanding these changes and their impact on your organization as soon as possible will ensure your information remains protected, and that you continue to maximize your competitive edge.
If you are an organisation with a current ISO 27001 certificate, you will need to make changes in order to transition to the new version. It is recommended that you familiarise yourself with these changes, conduct a gap analysis to identify the gaps in your current system and what is needed to meet the requirements of the new standard, implement the changes, and then contact your certification body. QSI will assist you throughout this process.
For a company implementing ISO 27001 for the first time, the 2022 version of the standard will need to be followed. The standard is applicable to any business in any sector. It addresses the people, processes, and technologies that process protected information/data. Its companion document, ISO 27002:2022, provides guidance on how to implement the security controls.
Any business in any industry can apply ISO 27001 to better protect critical data. ISO 27001 applies a comprehensive set of security controls, Annex A (updated since the 2013 version), that includes information security best practices, control areas, and control objectives. It mitigates threats to information confidentiality, integrity, and availability (CIA) to ensure business security and continuity. The new version of the standard includes a crosswalk from the old controls to the new controls to assist in transition.
ISO 27001 Consulting Services
Information security is complex, but QSI has programs to make it attainable for small to medium businesses. We make certification as simple and effective as possible. Whether onsite or online, our consultants handle the complicated parts of ISO 27001 so that you can focus on your business. We’ll help you understand how the standard applies to your specific organization. Implemented properly, ISO 27001 gives you a continual return on your investment.
We have assisted a wide range of organizations in different sectors including Digital Documents, Corporate Health Ireland, Indeemo, Seabrook Technology Group and others.