Changes to ISO 27001

ISO 27001 is an international standard that outlines the requirements for an information security management system (ISMS). It provides a framework for organisations to follow in order to securely manage their information and protect it from unauthorised access, use, disclosure, disruption, modification, or destruction.

The previous version of ISO 27001 was ISO/IEC 27001:2013. However, a new version, ISO/IEC 27001:2022, was released in October 2022. Some of the key changes in the updated standard include:

  1. A stronger emphasis on risk management – The updated standard places a greater emphasis on risk assessment and the treatment of risk. It also requires organisations to establish a formal risk management process – we’d recommend organisations follow the ISO 31000 risk management process.
  2. New requirements for supply chain security – The updated standard includes new requirements for managing and protecting information throughout the supply chain. Globally, we’ve seen regulators focussing on this. Many regulators have introduced guidelines/regulation around the outsourcing of critical business activities.
  3. A focus on data privacy – The updated standard includes additional requirements related to the protection of personal data and the handling of data breaches. This ties in with the introduction of many pieces of data protection regulation, including GDPR.
  4. Changes to the structure and organisation of the standard – The updated standard has a new structure, with a more logical flow and clearer language.

It is important for organisations that are currently certified to ISO 27001:2013 to be aware of these changes and to prepare for the transition to the updated standard. This may involve updating their ISMS to meet the new requirements and undergoing a recertification process.

To learn more about how the CalQRisk solution can assist with cybersecurity risk management, ISO 27001 compliance and more, request a free tailored demo.

 
