ISO/IEC 27002:2022 

Information security, cybersecurity and privacy protection - Information security controls


Do you need a multi-user copy?




This document provides a reference set of generic information security controls including implementation guidance. This document is designed to be used by organizations:
a) within the context of an information security management system (ISMS) based on ISO/IEC 27001;
b) for implementing information security controls based on internationally recognized best practices;
c) for developing organization-specific information security management guidelines.

Look inside

Additional information

Publication typeInternational Standard
Publication date2022-02-15
Available language(s)English
TC/SCISO/IEC JTC 1/SC 27 - Information security, cybersecurity and privacy protectionrss
ICS35.030 - IT Security
File size2533 KB

The following test report forms are related:

Share this page

Share your publications

Learn how to share your publications with your colleagues, using networking options.

Payment information

Our prices are in Swiss francs (CHF). We accept all major credit cards (American Express, Mastercard and Visa, JCB and CUP), PayPal and bank transfers as form of payment.

Keep in touch

Keep up to date with new publication releases and announcements with our free IEC Just Published email newsletter.

Contact customer services

Please send your enquiry by email or call us on +41 22 919 02 11 between 09:00 – 17:00 CET Monday to Friday.