Iso/iec 27002:2013 Direct

Security in lifecycle processes.

Added controls for Cloud Services, Threat Intelligence, and Secure Coding 4. Strategic Value

ISO/IEC 27002:2013: A Comprehensive Code of Practice for Information Security Controls ISO/IEC 27002:2013

Management direction for security.

Reduces vulnerability to cyberattacks and data loss. Security in lifecycle processes

In February 2022, a major update was released. While the 2013 version remains a common reference point for legacy systems, organizations are increasingly transitioning to the 2022 edition. ISO/IEC 27002:2013 ISO/IEC 27002:2022 114 controls 93 controls (due to merging) Organization 14 domains 4 themes: Organizational, People, Physical, Technological Key Addition Control Objectives "Attributes" (tags for risk, type, etc.) New Domains

Managing third-party risks.

Protecting against malware, data loss, and technical vulnerabilities.