← Back to all briefings
Cybersecurity 5 min read Published Updated Credibility 40/100

Cybersecurity Briefing — ISO/IEC 27002:2022 control updates published

On 15 February 2022 ISO released the updated ISO/IEC 27002:2022 standard, restructuring security controls, adding attributes, and introducing new guidance on threat intelligence, cloud, and physical monitoring.

Zeph Tech Research Lead

Research lead, Zeph Tech

Single-point timeline showing the publication date sized by credibility score.
Publication date and credibility emphasis for this briefing. Source data (JSON)

ISO published ISO/IEC 27002:2022 on 15 February 2022, revising the guidance that underpins Annex A controls in ISO/IEC 27001. The update consolidates controls into four themes (organizational, people, physical, technological), adds attributes for mapping, and introduces new practices on threat intelligence, cloud services, secure coding, data leakage prevention, and physical security monitoring.

Security and compliance teams preparing for ISO/IEC 27001:2022 certification should refresh Statements of Applicability, update control mappings to the new attribute model, and plan evidence collection for the added controls before surveillance or recertification audits.

  • ISO catalogue entry confirms publication of ISO/IEC 27002:2022 and outlines its scope.
  • ISO preview shows the revised control structure and titles for mapping and gap analysis.
Single-point timeline showing the publication date sized by credibility score.
Publication date and credibility emphasis for this briefing. Source data (JSON)

Related briefings

Curated signals from the same pillar or overlapping topics.

Continue in the Cybersecurity pillar

Return to the hub for curated research and deep-dive guides.

Visit pillar hub

Latest guides

  • Security Controls
  • Compliance
  • Risk Management
Back to curated briefings