ISO/IEC TS 27022:2021 – Information Technology – Guidance on Information Security Management System Processes

Richard Green, CQP FCQI, Managing Director of Kingsford Consultancy Services, UK, outlines the newest guidance on information security implementation and operation. In the early days of management systems, a high degree of emphasis was placed on operating in accordance with specific, designated procedures. Management system standards were highly prescriptive, not only telling organisations which procedures…