
ISO/IEC 27001:2022
ISO/IEC 27001:2022 is an international standard that specifies the requirements for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS) within organizations. It is applicable to all types of organizations, regardless of their size or industry sector.
Key Requirements of ISO/IEC 27001:2022:
- Organizational Context: Organizations must identify external and internal factors that affect their ability to achieve the objectives of the Information Security Management System (ISMS).
- Leadership: Management must demonstrate commitment to the ISMS by establishing policies, roles, and responsibilities related to information security.
- Planning: Identify risks and opportunities associated with information security and plan actions to address them.
- Support: Provide the necessary resources, competencies, awareness, and communication to ensure the effective operation of the ISMS.
- Operational Activities: Plan, implement, and control the processes needed to achieve ISMS objectives.
- Performance Evaluation: Monitor, measure, analyze, and evaluate the ISMS's effectiveness through internal audits and management reviews.
- Improvement: Identify nonconformities and take corrective actions to ensure the continuous improvement of the ISMS.
In the 2022 update, changes were introduced to Annex A, which contains the reference controls for information security. The number of controls has been reduced from 114 to 93, with some controls merged, and 11 new controls added.
- Threat Intelligence
- Information Security for Cloud Services
- Physical Security Monitoring
- Configuration Management
- Information Deletion
- Data Masking
- Data Loss Prevention (DLP)
- Activity Monitoring
- ICT readiness to ensure business continuity
- Web Filtering
- Secure Coding

These changes aim to better align with current threats and technologies in the field of information security.
How can Cybernetics assist?
As cybersecurity experts, we provide comprehensive support to organizations in implementing and maintaining an ISMS (Information Security Management System) in accordance with ISO/IEC 27001:2022:
Training and Awareness
We offer training programs to enhance your employees' awareness and competencies regarding best practices in information security and the specific requirements of ISO 27001:2022.
Certification Preparation
We assist you in preparing for the successful completion of the certification audit.
Continuous Improvement
We offer solutions for monitoring and improving the ISMS to ensure that your organization remains compliant with the standard's requirements and is prepared for future challenges.
Current State Assessment
We conduct a detailed analysis of existing processes and security practices to identify gaps and areas for improvement.
With our expertise and commitment to the highest cybersecurity standards, Cybernetics is a trusted partner in safeguarding your information and achieving compliance with ISO/IEC 27001:2022. We will guide you along the journey to reaching the required level of security, establishing your organization as reliable and secure during audits and inspections.