
ISO 27002:2022

ISO 27002 is an international standard that provides guidelines for information security management. It’s a widely used framework that helps organizations manage their information security risks. The latest version of the standard, ISO 27002:2022, was published in September 2022 and replaces the previous version, ISO 27002:2013.


It provides updated guidance on information security management and includes new sections on topics such as cloud security, IoT security, and supply chain security. Like other ISO standards, ISO 27002 is voluntary, and organizations can choose to use it as a guideline for their information security management practices.


© 2025 Drata Inc. All rights reserved.
