One Article Review

Source NoticeBored
Identifier 2829433
Publication date 2021-05-24 17:23:22 (seen: 2021-05-24 06:05:25)
Title News on ISO/IEC 27002
Text Today I've slogged my way through a stack of ~50 ISO/IEC JTC1/SC27 emails, updating a few ISO27001security.com pages here and there on ongoing standards activities. The most significant thing to report is that the 3rd (2013) edition of ISO/IEC 27002 appears on-track to reach final draft stage soon and will hopefully be approved this year, then published soon after (during 2022, I guess). The standard is being extensively restructured and revised, collating and addressing about 300 pages of comments from the national standards bodies at every stage. The editorial team are doing an amazing job! The new '27002 structure will have the controls divided into 4 broad categories or types i.e. technical, physical, people and 'organizational' [=other]: For comparison, the standard is currently structured into 13 security domains: '27002 will nearly double in size, going from 90 to 160 pages or so, thanks to new controls and additional advice including areas such as cloud and IoT security. Virtually all of the original controls have been retained but most have been reworded for the new structure and current practice … and there's an appendix mapping the old clauses to the new. '27001 Annex A is being updated to reflect the changes, and a new version of that standard is due to be published in the 2nd quarter of 2022. I presume other standards based on '27002 (such as '
Sent Yes


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from an earlier one.