SIS Certifications is NOW IAS accredited for ISO 27001:2022 Certification

GURGAON, India - July 27, 2023 - PRLog -- SIS Certifications are proud to announce that they are now IAS accredited for ISO 27001:2022 Certification. The latest version came into existence in 2022. Although not drastically different from ISO 27001:2013, there are some noticeable modifications. The ISO/IEC 27001 is an Information security management standard that structures how businesses should manage risk associated with information security threats; including policies, procedures and staff training.

As everyone is aware of the cyber-attacks and they have increased by 125% by now. A cyber-attack can maliciously disable computers, steal data, or use a breached computer as a launch point for other attacks. An organization should intensify digital flexibility to build trust and secure the data.

Now with the introduction of the latest version ISO/IEC 27001:2022, this standard has become more effective in dealing with cyber-attacks, security threats and maintaining information security.

Some observable changes are: -

• Defining "how to communicate" is now required instead of defining "who will communicate for effective communication".
• In place of only processes, organizations must now maintain control over "externally delivered processes, products, or services" that are pertinent to the ISMS.
• The requirements and aspirations of interested parties must now be considered by the management review.
• It is now necessary to keep track of and make available any documentation related to information security objectives.
• ANNEX A has undergone some significant changes earlier version of ANNEX A contains 114 control units that are grouped into 14 clauses and the latest version contains only 93 units grouped into 4 clauses as many of them have merged.

The 4 new clauses are People controls (8 controls), Organizational controls (37 controls), Technological controls (34 controls), and Physical controls (14 controls) and 11 new controls that were added are: - Threat intelligence, Information security for use of cloud services, ICT readiness for business continuity, Physical security monitoring, Configuration management, Information deletion, Data masking, Data leakage prevention, Monitoring activities, Web filtering, Secure coding

Security controls are categorized by the ISO/IEC 27001:2022 standard using five characteristics: -

1. Control Type

2. Cyber-security Concept

3. Information Security Properties

4. Operational Capabilities

5. Security Domains

Both versions are quite similar to each other but they are not the same. There are some other standards which help in maintaining information security data management. Using the foundation of ISO 27001, ISO 27701 provides a framework for data privacy.

SIS Certifications is one of the most trusted certification bodies. We are accredited by both International Accreditation Services (IAS-IAF) and International Organization for Accreditation Services (IOAS).
If you would like more information about this topic please contact Mr Arunendra Dvivedi

+91 8860610495

support@siscertifications.com

https://www.siscertifications.com/