ISO/IEC 27001:2022 Transition Notes – Part 4

ISO/IEC 27001:2022 contains 93 security controls in its Annex A. The 114 controls from the 2013 version of the standard have been amalgamated to form 82 of the 93 controls. 11 new security controls have been added.

The new security controls are as follows:

A.5.7 Threat intelligence

A.5.23 Information security for use of cloud services

A.5.30 ICT readiness for business continuity

A.7.4 Physical security monitoring

A.8.9 Configuration management

A.8.10 Information deletion

A.8.11 Data masking

A.8.12 Data leakage prevention

A.8.16 Monitoring activities

A.8.23 Web filtering

A.8.28 Secure coding

Detailed guidance in how to comply with all 93 security controls is available via ISO/IEC 27002:2022.