The document summarizes updates to ISO 27001:2022. Key points include:
- The structure and grouping of controls in ISO 27002 have been updated, with controls now organized under four main domains and reduced in number from 114 to 93.
- New controls have been introduced related to threat intelligence, information security for cloud services, and ICT readiness for business continuity.
- The mandatory clauses of ISO 27001 remain unchanged, while some controls from ISO 27002 have been merged or reorganized under the new domain structure.