The primary change in ISO 27001:2022 was to Annex A, which was realigned with ISO 27002:2022. Annex A shrank from 114 controls in 14 domains to 93 controls in 4 themes: Organizational, People, Physical, and Technological. Eleven new controls were added covering threat intelligence, cloud security, data masking, and secure coding. The transition deadline for 2013 certifications was October 2025 - verify current status with your certification body.
Keep Exploring