Get 4 FREE months of Conformio to implement ISO 27001

Expert Advice Community

Guest

Clarification about controls of ISO 27001:2022

  Quote
Guest
Guest user Created:   Feb 22, 2023 Last commented:   Feb 22, 2023

Clarification about controls of ISO 27001:2022

IRCA circulars and publications refer to controls of this standard with prefix “A.”;e.g. A.5.34, A.7.1 etc. This was the practice in ISO 27001:2013 also.

The 2022 release of the standard itself refers to them without such prefix. I would like to refer them with the prefix as otherwise controls like 7.1, 8.2. 5.3 etc may be confused with corresponding clauses.

Is there any other logic in favour of referring the controls with prefix “A.”? While browsing the internet we see that both styles are being followed.

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Feb 22, 2023

Please note that the prefix “A” before the control ID is used to relate a control to ISO/IEC 27001 Annex A. Any control identified without the prefix “A” refers to ISO/IEC ISO 27002:2022.

ISO/IEC 27001:2022 defines requirements for the implementation of an Information Security Management System (ISMS).

ISO/IEC 27002:2022 provides guidelines for the implementation of controls from ISO/IEC 27001 Annex A. ISO/IEC 27002 is not mandatory for the implementation of ISO/IEC 27001.

For further information, see:

This material can also help you:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 22, 2023

Feb 22, 2023

Suggested Topics