The ISO 27023 technical report shows the relationship between the revised versions of ISO 27001 and ISO 27002, and will be useful to all users who are migrating their information security management systems (ISMSs) from the 2005 to the 2013 iteration of ISO 27001 and ISO 27002.
ISO 27023 compares ISO 27001:2013 with ISO 27001:2005 and ISO 27002:2013 with ISO 27002:2005, mapping old clauses to their new equivalents and listing both the new requirements in the 2013 standards and the clauses deleted from the 2005 versions.
For ISO/IEC 27002, the comparison is based on control objectives, controls, and implementation guidance.
If you’re upgrading your ISMS to bring it into line with the 2013 versions of ISO 27001 and ISO 27002, this technical report sets out all of the differences you need to be aware of.
Note that ISO 27023 does not provide any explanatory commentary about why changes have been made, nor does it explain the significance of any change. Users must evaluate the significance of the changes in the context of their own application and implementation of the 2013 editions of ISO 27001 and ISO 27002.