Tag ISO 27001

risk approach

What is the risk approach in ISO 27001?

The international standard for information security, ISO 27001, was an early adopter of the risk-based approach to management systems. Since then, influenced by Annex SL, all modern management systems include risks and opportunities in clause 6. But why is risk…

iso 27002

What Has Changed in ISO 27002:2022?

ISO 27002, the standard used to determine and implement controls for information security management systems to ISO 27001, has been revised and published. Here is what’s changed in ISO 27002:2022: New Title & Scope The first significant change to the…