ISO/IEC 27002 2022 Standard

SKU: 5859
Authors: IEC
Publishers: ISO/IEC
Format: PDF
Pages: 152
Published: 15 Feb 2022
Availability: Available now

ISO/IEC 27002:2022 – Information security, cybersecurity and privacy protection – Information security controls

The international standard that supports the implementation of an ISMS (information security management system) based on the requirements of ISO 27001.

Price: 228,00 €
ex. VAT

The ISO/IEC 27002:2022 standard

ISO 27002:2022 is an international standard designed for organisations of all types and sizes. It establishes the guidelines and general principles for initiating, implementing, maintaining and improving information security management in an organisation and supports the implementation of an ISMS based on the requirements of ISO 27001.

What are the differences between the 2013 and 2022 editions of ISO/IEC 27002?

The 2022 edition of the Standard cancels and replaces the previous edition (ISO/IEC 27002:2013). It has been technically revised and incorporates the Technical Corrigenda ISO/IEC 27002:2013/Cor. 1:2014 and ISO/IEC 27002:2013/Cor. 2:2015.

The main changes are:

  • The title has been modified;
  • The structure of the document has been changed, presenting the controls using a simple taxonomy and associated attributes; and
  • Some controls have been merged and several new controls have been introduced. Mapping between the two versions can be found in Annex B of the Standard.

Standard outline


  1. Scope
  2. Normative references
  3. Terms, definitions and abbreviated terms
  4. Structure of this document
    1. Clauses
    2. Themes and attributes
    3. Control layout
  5. Organizational controls
  6. People controls
  7. Physical controls
  8. Technological controls

Annex A – Using attributes
Annex B – Correspondence of ISO/IEC 27002:2022 with ISO/IEC 27002:2013
