Information Security Leader, Author, Instructor and Speaker

What’s New in the ISO 27001:2013 update?

Posted on March 14, 2014 in Articles | by

Since its initial publication in 2005, the International Organization for Standardization’s ISO 27001 has served as the information security industry’s gold standard for the design of information security programs. The standard defines the high-level requirements that all information security programs should address and provides a structure for evaluating the completeness of an organization’s program. While relatively few organizations pursue formal ISO 27001 certification, many use the standard as both a blueprint for designing a comprehensive set of security controls and a yardstick for measuring existing security programs.

Last September, ISO 27001 received its first major update, with the release of ISO 27001:2013. This new standard accomplishes two main objectives: updating the content of the standard to reflect developments in the security world over the past decade and reorganizing the standard to better align with other international standards.

Read more: ISO 27001:2013 update: What changes?

Published March 14, 2014 on



Mike Chapple, CISSP, Ph.D.

Mike is an IT leader, information security professional, author, speaker and trainer with over fifteen years of experience in the field.
