This document provides a reference set of generic information security controls including implementation guidance. This document is designed to be used by organizations:
a) within the context of an information security management system (ISMS) based on ISO/IEC27001;
b) for implementing information security controls based on internationally recognized best practices;
c) for developing organization-specific information security management guidelines.
Status: PublishedPublication date: 2022-02
Corrected version (en): 2022-03
Edition: 3Number of pages: 152
Technical Committee: ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection
- ICS :
- 35.030 IT Security
Buy this standard
|std 1 208||PDF + ePub|
|std 2 250||PDF + ePub + Redline|
|std 3 208||Paper|
ISO/IEC 27002:2013/Cor 1:2014Withdrawn
ISO/IEC 27002:2013/Cor 2:2015
ISO/IEC 27002:2022Stage: 60.60
Got a question?
Check out our FAQs
+41 22 749 08 88
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)
Keep up to date with ISO
Sign up to our newsletter for the latest news, views and product information.