As we previously mentioned, one of the most significant revisions to ISO/IEC 27001 is the amendment of Annex A. The first obvious change is in the title of the standard: “Information security, cybersecurity and privacy protection — Information security management systems”. The others are minor modifications to the requirements.
 
The new version of ISO/IEC 27001
 
ISO standards aim for a review cycle every 5 years. The internationally recognized ISO/IEC 27001 standard went through deep changes in the controls and in some minor elements of Sections 4 to 10, which we are happy to share with you:
 
– Section 4: mostly wording changes 
– Section 5: no changes 
– Section 6: some changes around objectives must be taken into consideration 
– Section 7: simplification 
– Section 8: mostly rewording 
– Section 9: reorganization of the section and particularly of the internal audit part 
– Section 10: reorganization of the section 
 
If you wish to view all the specifics of the modifications, we have produced a detailed document that we will be happy to share with you.