The ISO/IEC 27002:2022 standard was published on February 15, 2022. ISO 27002 provides detailed guidance on the information security controls specified in Annex A of the ISO 27001 standard.
The first significant change in ISO 27002:2022 is the updated and significantly simplified structure of the standard: instead of the previous 114 security measures (controls) in 14 sections, the reference set of the updated ISO 27002 version now consists of 93 controls, clearly subdivided and summarized in 4 subject areas:
37 security measures in the "Organizational controls" section
8 security measures in the "Human controls" section
14 security measures in the "physical controls" section
34 security measures in the "technological controls" section
Although the number of security measures has been reduced, only the "Removal of Assets" control has actually been deleted. The reduction results from consolidating 24 security measures from existing controls and restructuring them to meet protection objectives in a more focused way. In addition, 58 security measures have been reviewed and adapted to meet contemporary requirements.