Skip to main content
Back

EVS-EN ISO/IEC 27002:2022

Information security, cybersecurity and privacy protection - Information security controls (ISO/IEC 27002:2022)

General information

Valid from 01.12.2022
Base Documents
EN ISO/IEC 27002:2022; ISO/IEC 27002:2022; EVS-EN ISO/IEC 27002:2022/AC:2024
Directives or regulations
None

Standard history

Status
Date
Type
Name
17.06.2024
Corrigendum
01.12.2022
Main
02.03.2017
Main

ISO/IEC 27002 focuses on information security controls and how to implement them. It is designed for organizations of all types and sizes who create, collect, process, store, transmit and dispose of electronic, physical or verbal information like conversations and presentations.

The value of information goes beyond written words, numbers and images. In an interconnected world, information requires protection against various risk sources. Information security is achieved by implementing a suitable set of controls, including policies, rules, processes, procedures, organizational structures and software and hardware functions.

ISO/IEC 27002 is meant to be used as part of an information security management system. It is intended to be used for implementing information security controls based on internationally recognized best practices or for developing organization-specific information security management guidelines.

It can be used by organizations to help them protect their information and follow best practices. The document is meant to be used as part of an information security management system, which is based on international standards. To meet its specific security and business objectives, the organization should define, implement, monitor, review and improve these controls where necessary.

The text of the international standard has been approved in Europe as EN ISO/IEC 27002:2022 without any changes and it supersedes EN ISO/IEC 27002:2017.

Required fields are indicated with *

*
*
*
PDF
46.36 € incl tax
Browse standard from 2.44 € incl tax
Standard monitoring

Customers who bought this item also bought

Main

EVS-EN ISO/IEC 27001:2023

Information security, cybersecurity and privacy protection - Information security management systems - Requirements (ISO/IEC 27001:2022)
Valid from 15.08.2023
Main

ISO/IEC 27001:2022

Information security, cybersecurity and privacy protection — Information security management systems — Requirements
Newest version Valid from 25.10.2022
Main

EVS-EN ISO/IEC 27701:2021

Security techniques - Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management - Requirements and guidelines (ISO/IEC 27701:2019)
Newest version Valid from 03.05.2021
Main

EVS-EN ISO/IEC 27007:2022

Information security, cybersecurity and privacy protection - Guidelines for information security management systems auditing (ISO/IEC 27007:2020)
Newest version Valid from 01.02.2022