supernav-iconDrataverse - June 22 | Drata’s inaugural user and compliance summit
HomeCompliance GlossaryISO 27005:2022

ISO 27005:2022

ISO 27005:2022 is an international standard that provides information security risk management guidelines. It’s part of the ISO 27000 series of standards, which provide guidelines and best practices for information security management. The standard was published in September 2022 and replaces the previous version, ISO 27005:2011.


It provides updated guidance on identifying, assessing, and managing information security risks and integrating risk management into an organization's overall information security management system (ISMS). It also includes new sections on risk assessment methodologies, risk treatment, and risk reporting. ISO 27005:2022 is intended to help organizations effectively manage their information security risks and protect their sensitive information.

Join the thousands of companies that trust Drata

See All Case Studies
Abnormal Logo
Airbase
BambooHR Logo
BigID Logo
Clearbit Logo
Clearco Logo
Lemonade Logo
Fivetran Logo
Notion Logo
Vercel Logo
Wordpress VIP
Calendly Logo

View Drata Glossary

Learn more about other compliance and cybersecurity concepts in our glossary.

Read More

Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company’s security controls, while streamlining workflows to ensure audit-readiness.

Solutions

StartupScaleEnhanceDrata PlatformIntegrations
Frameworks
SOC 2ISO 27001HIPAAGDPRCustom FrameworksAll Frameworks
Resources
BlogDrata EventsWebinarsReportsCompliance GlossaryCommunityAPI Documentation
Company
Careers
HIRING
CustomersAuditorsPartnersPressContact Us
Trust
Security and ComplianceTrust CenterSystem Status
Become a Trusted Newsletter Insider

The latest security and compliance news, delivered.

Secured DesktopSecured Desktop

© 2023 Drata Inc. All rights reserved.

Privacy PolicyGDPRTermsCookiesDisclosure PolicySub-processorsData Processing Addendum