ISO-27002-2022
Implementation guide for 27001 controls.
Definition
ISO 27002:2022 published February 2022 (before 27001:2022). Reduces 114 → 93 controls. Introduces 5 classification attributes: Control Type, Information Security Properties, Cybersecurity Concepts, Operational Capabilities, Security Domains. Details each control with purpose, guidance, other information.
Origin
Published 15 February 2022 by ISO ; precursor of 27001:2022.
Example in context
A CISO uses ISO 27002:2022 control 8.16 (monitoring activities) to specify the SIEM for their EDI system.
Related terms
- ISO 27001:2022 — certifiable framework.