The ISO 27002:2022 standard offers a consolidated set of controls, revised down from 114 to 93 and spread across four control areas.
- Organisational Controls
- People Controls
- Physical Controls
- Technological Controls
Mapping ISO 27002:2022 to ISO 27002:2013
If you have implemented controls from the previous edition, ISO 27002:2013, or are operating an information security management system to ISO 27001:2013, the new controls can be mapped across.
Changes to Controls
- 58 Controls have been updated.
- 24 Controls have been merged or combined.
- 11 Controls are new.
Our ISO 27002 consultants can help you map the controls and advise on any changes required.
Contact us for more information on ISO 27002.
ISO 27002 in Tenders
Many tender documents use the ISO 27002 control set during the bid process, often just listing out each control for the vendor to respond to.
During the transition period, tenders are likely to contain a mix of the ISO 27002:2013 and ISO 27002:2022 formats and controls.
Our ISO 27002 consultants can help you navigate these tender documents and provide a valid response to prequalification questionnaires.
Contact us for more information.
Information Security Management Systems
ISO 27002 is now designed to be used on its own or as part of an information security management system.
Our ISO Consultants can help you implement a full ISMS using the controls of ISO 27002.
Related Standards
ISO 27001
The requirement for an information security management system (ISMS)
ISO 27701
Privacy Information Management