ISO 27002 is an international standard that provides guidelines for information security management. It’s a widely-used framework that helps organizations manage their information security risks. The latest version of the standard, ISO 27002:2022, was published in September 2022 and replaces the previous version, ISO 27002:2013.
It provides updated guidance on information security management and includes new sections on topics such as cloud security, IoT security, and supply chain security. Like other ISO standards, ISO 27002 is voluntary, and organizations can choose to use it as a guideline for their information security management practices.