Many organizations have a need to control information and information systems. ISO/IEC 27002:2022 provides a set of controls that can be used to manage their information security risks, either as part of a conformant ISO/IEC 27001 Information Security Management System or a set of globally accepted set of best practices that can be implemented in isolation or as a foundation for organizational guidelines. This course provides a review to the updated standard from ISO/IEC 27002:2013, what the key differences are and how an organization may implement these changes should they choose to do so.
This one day course will provide knowledge required to update and manage your information security controls when aligned with ISO 27002:2022.
Who is this course for?
ISO/IEC 27001 qualified implementers and auditors or those with equivalent knowledge and experience. Suggested job roles include:
- Those responsible for implementing and managing an information security management system.
- Those with responsibilities for auditing their information security management system
What are the benefits?
- By attending this course delegates will learn how to effectively prepare an information security controls set using the guidance in ISO 27002:2022
- You will gain an understanding of the new structure of the standard
- Understand the new controls in ISO 27002:2022
What will I learn?
- Define the changes to ISO 27002:2022
- Determine how to use the control attributes in the management of ISO 27002 control sets
- Demonstrate how to identify organizational attributes
- Implement new controls within ISO 27002 if relevant to their organization
