Whats the difference between the previous version and new version of ISO 27001.
Answer: This kind of question is not common on interviews (specially considering the previous version of ISO 27001:2013 is from 2005), but the main differences are related to:
- the structure
- Interested parties
- Documented information
- Risk assessment and treatment
- Objectives, monitoring and measurement
- Corrective & preventive actions
- the number of controls on Annex A.