What are the major changes in the ISO 27001:2013 version?

Some of the major changes in the controls are:

  • Inclusion of system engineering and project management: New controls were added to address information security in project management, secure development policy, and secure system engineering principles.
  • Mobile device policy: This addresses the increasing use of mobile devices in information processing and the use of personal devices to access organizational information assets.
  • System security testing: Information processing systems should be tested for their compliance with security requirements. This testing is in addition to the regular system acceptance test conducted after system changes.