{"id":25208,"date":"2023-09-04T10:07:53","date_gmt":"2023-09-04T08:07:53","guid":{"rendered":"https:\/\/www.digitrust.nl\/?p=25208"},"modified":"2025-11-24T16:38:59","modified_gmt":"2025-11-24T15:38:59","slug":"what-are-the-differences-between-iso-270012022-and-iso-270012013","status":"publish","type":"post","link":"https:\/\/www.digitrust.nl\/en\/nieuws\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\/","title":{"rendered":"What are the differences between ISO 27001:2022 and ISO 27001:2013?"},"content":{"rendered":"<p>On 25 October 2022, the updated ISO 27001 standard was introduced in the Netherlands. The ISO 27001:2022 replaces the old ISO 27001:2013 standard. In this article, we explain what has changed from the old 2013 standard.<\/p>\n<p>In brief:<\/p>\n<ul>\n<li>The name of the standard has been changed<\/li>\n<li>The number of chapters has been shortened<\/li>\n<li>The number of management measures has been reduced (much has been merged)<\/li>\n<li>11 new management measures have been added<\/li>\n<li>Changes have also been made in the management system.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h2>ISO 27001:2023<\/h2>\n<p><strong>Note:<\/strong> ISO 27001:2023 has recently been published. This is the European version of <a href=\"https:\/\/www.digitrust.nl\/en\/certification-2\/iso-27001-certification\/\">ISO 27001<\/a>. This version is completely identical to the global version, only a European preface has been added. What this means exactly <a href=\"https:\/\/www.digitrust.nl\/en\/news\/what-does-the-new-version-iso-270012023-mean\/\">read here<\/a>.<\/p>\n<p><strong>Key insight<\/strong>: this does not affect your existing certifications achieved according to ISO 27001:2022.<\/p>\n<p>&nbsp;<\/p>\n<h2>Why has ISO 27001 been changed?<\/h2>\n<p>Standards are revised periodically to ensure they remain in line with practice. This is to prevent the standard from being overtaken by technological developments and new insights. Thanks to this revision from ISO 27001:2013 to ISO 27001:2022, the ISO standard meets the current times with threats and technology in the context of information security, cybersecurity and privacy.<\/p>\n<p>&nbsp;<\/p>\n<h2>The ISO 27001:2022 standard is leading<\/h2>\n<p>ISO introduced the standard in the Netherlands at the end of 2022. ISO 27001:2022 will therefore be leading and that means that <span style=\"text-decoration: underline;\">ISO 27001:2013<\/span>, <span style=\"text-decoration: underline;\">ISO 27001:2013\/Cor 1:2014<\/span>, <span style=\"text-decoration: underline;\">ISO 27001:2013\/Cor 2:2015<\/span> and <span style=\"text-decoration: underline;\">NEN-EN-EN-ISO\/IEC 27002:2017<\/span> come to an end. Naturally, there is a transition period during which both the old and new standards are valid. This gives organisations room to incorporate the new standard rules into their information security systems (ISMS).<\/p>\n<p>This transition period covers 3 years, meaning that all existing certificates must be switched to the new version by 1 November 2025.<\/p>\n<p>&nbsp;<\/p>\n<h2>A new name of the standard ISO 27001:2022 \/ ISO27001:2023<\/h2>\n<p>There have been considerable developments in cybersecurity and privacy protection in recent years. These are important pillars that fall under information security. Hence, these terms in the description of the <a href=\"https:\/\/www.digitrust.nl\/en\/certification-2\/iso-27001-certification\/iso-27001-standard\/\">ISO 27001 standard<\/a> are included. This ensures that the descriptive name of this ISO standard is all-encompassing when it comes to information security.<\/p>\n<ul>\n<li>Old name: Information technology - Security techniques - Information security management systems - Requirements<\/li>\n<li>New name: Information security, cybersecurity and privacy protection - Information security management system - Requirements<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>Besides a new name, some changes have also been made to the HLS (High Level Structure). HLS is the uniform way established to build management system standards. ISO 27001:2022 has been adapted to the new HS (Harmonised Structure), which is the new basic structure of the ISO standard. These changes provide better alignment with Annex SL. Several points in chapters 4 to 10 have been tightened, added, rewritten or split. These are the changes:<\/p>\n<ul>\n<li>4.1 Context tightened<\/li>\n<li>4.2 Stakeholders tightened up<\/li>\n<li>4.4 ISMS tightened up<\/li>\n<li>6.1.3 Risk treatment tightened up<\/li>\n<li>6.2 Targets tightened up<\/li>\n<li>6.3 Change management added<\/li>\n<li>8.1 Operational planning has been rewritten<\/li>\n<li>9.1 Monitoring tightened up<\/li>\n<li>9.2 General and audit programme is split<\/li>\n<li>9.3 General, input and output split<\/li>\n<li>10.1 Improvement and Deviations &amp; Corrective Measures has been updated<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h2>ISO 27001: from 14 to 4 chapters<\/h2>\n<p>The Annex A of the ISO 27001 standard has been changed. Basically, the various chapters and control measures have been rearranged and merged. This brings more overview, as the number of chapters has been merged and shortened from 14 to 4.<\/p>\n<ul>\n<li>A5 - Organisational control measures: This section is a collection of all management measures not covered by <span style=\"text-decoration: underline;\">man<\/span>, <span style=\"text-decoration: underline;\">physical security<\/span> or <span style=\"text-decoration: underline;\">engineering<\/span> fall. It includes 37 measures.<\/li>\n<li>A6 - People-oriented management measures: This section includes all management measures that deal with people. Think of: awareness and working conditions. It includes 8 measures.<\/li>\n<li>A7 - Physical management measures: This section focuses on all measures that deal with the physical security of sites and, for example, equipment maintenance. In it, you will find 14 measures.<\/li>\n<li>A8 - Technological management measures: This section focuses on all technological measures. Think about the security of your network and information processing systems or how you technical staff work safely. Here you will find 34 measures.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h2>Management measures of ISO 27001<\/h2>\n<p>The old standard ISO 27001:2013 included 114 control measures. A hefty list, which has been shortened in ISO 27001:2022. There are now 93 management measures. ISO decided to merge many measures, making the standard fit for the times. However, ISO did add 11 new management measures.<\/p>\n<ul>\n<li>5.7 - Threat information and analysis:<br \/>\nInformation related to information security threats should be collected and analysed to produce threat intelligence.<\/li>\n<li>5.23 - Information security for the use of cloud services:<br \/>\nProcesses for acquiring, using, managing and terminating cloud services should be established in accordance with the organisation's information security requirements.<\/li>\n<li>5.30 - ICT readiness for business continuity:<br \/>\nICT readiness should be planned, implemented, maintained and tested based on business continuity objectives and ICT continuity requirements.<\/li>\n<li>7.4 - Monitoring physical security:<br \/>\nThe building and grounds should be continuously monitored for unauthorised physical access.<\/li>\n<li>8.9 - Configuration management:<br \/>\nConfigurations, including security configurations, of hardware, software, services and networks should be identified, documented, implemented, monitored and reviewed.<\/li>\n<li>8.10 - Deletion of information:<br \/>\nInformation stored in information systems, devices or other storage media should be deleted when no longer required.<\/li>\n<li>8.11 - Masking data:<br \/>\nData should be masked in accordance with the subject-specific access security policy and other related subject-specific policies, and business requirements of the organisation, taking into account applicable legislation.<\/li>\n<li>8.12 - Preventing data leaks:<br \/>\nMeasures to prevent data leaks should be implemented in systems, networks and other devices on or through which sensitive information is processed, stored or transported.<\/li>\n<li>8.16 - Monitoring activities:<br \/>\nNetworks, systems and applications should be monitored for anomalous behaviour and appropriate measures should be taken to address potential information security incidents<br \/>\nevaluate.<\/li>\n<li>8.23 - Applying web filters:<br \/>\nAccess to external websites should be managed to limit exposure to malicious content.<\/li>\n<li>8.28 - Secure coding:<br \/>\nSecure coding principles should be applied to software development.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h2>What does this mean for NEN 7510 or BIO?<\/h2>\n<p>To what extent do these ISO 27001 changes impact NEN 7510 or BIO? If the basic management measures are going to change, NEN 7510 and BIO will also have to be adapted. This is because NEN 7510 and BIO consist of additional control measures added to ISO 27001 Annex A. NEN 7510 is expected to be updated in 2024 based on the 2023 version. Our advice? Wait with a transition until these standards are updated.<\/p>\n<p>&nbsp;<\/p>\n<h2>View the ISO 27001:2022 transition deadlines<\/h2>\n<p>A transition period applies, meaning that your ISMS may be assessed against the old version of the standard for a certain period of time. The table below shows from when you will be assessed against the new ISO 27001:2022 standard and until when you may still be assessed against the old version of the standard.<\/p>\n<p>Until 31 October 2023, companies can still get certified for ISO 27001:2013. However, they have until 31 October 2025 to switch to ISO 27001:2022.<\/p>\n<p><img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone wp-image-24060\" src=\"https:\/\/www.digitrust.nl\/wp-content\/uploads\/2022\/12\/tabel-v2-small-300x118.png\" alt=\"ISO 27001:2022 table - DigiTrust\" width=\"495\" height=\"195\" srcset=\"https:\/\/www.digitrust.nl\/wp-content\/uploads\/2022\/12\/tabel-v2-small-300x118.png 300w, https:\/\/www.digitrust.nl\/wp-content\/uploads\/2022\/12\/tabel-v2-small-1024x404.png 1024w, https:\/\/www.digitrust.nl\/wp-content\/uploads\/2022\/12\/tabel-v2-small-768x303.png 768w, https:\/\/www.digitrust.nl\/wp-content\/uploads\/2022\/12\/tabel-v2-small.png 1324w\" sizes=\"(max-width: 495px) 100vw, 495px\" \/><\/p>\n<p><span data-contrast=\"auto\">Blue = DigiTrust can and may still run your ISMS against the old version of the standard.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559740&quot;:259}\"><br \/>\n<\/span><span data-contrast=\"auto\">Green = DigiTrust needs your ISMS against the new ISO27001:2022 standard.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2>Schedule your transition audit for ISO 27001:2022 in good time<\/h2>\n<p>As an organisation, you need to make the transition from ISO 27001:2013 to ISO 27001:2022. The updated rules can be found in IAF MD26:2022. This document lists all the mandatory changes that need to be implemented to comply with the new standard. When your organisation complies with the new situation, we recommend scheduling a transition audit. This often takes place 2 weeks before the regular audit. The transition audit covers the following points:<\/p>\n<ul>\n<li>GAP Analysis<\/li>\n<li>Action plan<\/li>\n<li>Adjust risk analysis and treatment plan<\/li>\n<li>Annex A adapt management measures<\/li>\n<li>Adjusting VVT<\/li>\n<li>Internal audit<\/li>\n<li>Management review<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>It is important that you have prepared these topics and can provide evidence. In the case of recertification, the DigiTrust auditor will conduct a 4-hour remote audit with you and your CISO advisor. If your organisation meets the standard, DigiTrust will prepare your new ISO 27001:2022 certificate.<\/p>\n<p><strong>Tip<\/strong>: <a href=\"https:\/\/www.digitrust.nl\/en\/contact\/\">plan your transition audit in good time<\/a> with our back office. Your auditor's agenda is already very full in 2024. Avoid waiting too long and make sure everything can take place within the desired timing.<\/p>","protected":false},"excerpt":{"rendered":"<p>Op 25 oktober 2022 werd de vernieuwde ISO 27001-norm ge\u00efntroduceerd in Nederland. De ISO 27001:2022 vervangt de oude ISO 27001:2013 norm. In dit artikel leggen we uit wat er veranderd is ten opzichte van de oude norm van 2013. In het kort: De naam van de norm is gewijzigd Het aantal hoofdstukken is ingekort Het [&hellip;]<\/p>\n","protected":false},"author":29,"featured_media":25216,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[68],"tags":[],"class_list":["post-25208","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-nieuws"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>ISO 27001:2022 vs ISO 27001:2013 | DigiTrust<\/title>\n<meta name=\"description\" content=\"Vorig jaar werd de nieuwe ISO 27001:2022 ge\u00efntroduceerd, wat zijn de verschillen ten opzichte van ISO 27001:2013? Hier lees je alles op &#039;n rij\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.digitrust.nl\/en\/news\/what-are-the-differences-between-iso-270012022-and-iso-270012013\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"ISO 27001:2022 vs ISO 27001:2013 | DigiTrust\" \/>\n<meta property=\"og:description\" content=\"Vorig jaar werd de nieuwe ISO 27001:2022 ge\u00efntroduceerd, wat zijn de verschillen ten opzichte van ISO 27001:2013? Hier lees je alles op &#039;n rij\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.digitrust.nl\/en\/news\/what-are-the-differences-between-iso-270012022-and-iso-270012013\/\" \/>\n<meta property=\"og:site_name\" content=\"DigiTrust\" \/>\n<meta property=\"article:published_time\" content=\"2023-09-04T08:07:53+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-11-24T15:38:59+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.digitrust.nl\/wp-content\/uploads\/2023\/09\/ISO-27001-2022-ISMS-Cyber-security-DigiTrust.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1600\" \/>\n\t<meta property=\"og:image:height\" content=\"1067\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Stephan Striekwold\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Stephan Striekwold\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.digitrust.nl\\\/nieuws\\\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.digitrust.nl\\\/nieuws\\\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\\\/\"},\"author\":{\"name\":\"Stephan Striekwold\",\"@id\":\"https:\\\/\\\/www.digitrust.nl\\\/#\\\/schema\\\/person\\\/d0e4f226f50dad6eeef7ca19359315fe\"},\"headline\":\"Wat zijn de verschillen tussen ISO 27001:2022 en ISO 27001:2013?\",\"datePublished\":\"2023-09-04T08:07:53+00:00\",\"dateModified\":\"2025-11-24T15:38:59+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.digitrust.nl\\\/nieuws\\\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\\\/\"},\"wordCount\":1292,\"publisher\":{\"@id\":\"https:\\\/\\\/www.digitrust.nl\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.digitrust.nl\\\/nieuws\\\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.digitrust.nl\\\/wp-content\\\/uploads\\\/2023\\\/09\\\/ISO-27001-2022-ISMS-Cyber-security-DigiTrust.jpg\",\"articleSection\":[\"Nieuws\"],\"inLanguage\":\"en-GB\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.digitrust.nl\\\/nieuws\\\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\\\/\",\"url\":\"https:\\\/\\\/www.digitrust.nl\\\/nieuws\\\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\\\/\",\"name\":\"ISO 27001:2022 vs ISO 27001:2013 | DigiTrust\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.digitrust.nl\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.digitrust.nl\\\/nieuws\\\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.digitrust.nl\\\/nieuws\\\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.digitrust.nl\\\/wp-content\\\/uploads\\\/2023\\\/09\\\/ISO-27001-2022-ISMS-Cyber-security-DigiTrust.jpg\",\"datePublished\":\"2023-09-04T08:07:53+00:00\",\"dateModified\":\"2025-11-24T15:38:59+00:00\",\"description\":\"Vorig jaar werd de nieuwe ISO 27001:2022 ge\u00efntroduceerd, wat zijn de verschillen ten opzichte van ISO 27001:2013? Hier lees je alles op 'n rij\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.digitrust.nl\\\/nieuws\\\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.digitrust.nl\\\/nieuws\\\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.digitrust.nl\\\/nieuws\\\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.digitrust.nl\\\/wp-content\\\/uploads\\\/2023\\\/09\\\/ISO-27001-2022-ISMS-Cyber-security-DigiTrust.jpg\",\"contentUrl\":\"https:\\\/\\\/www.digitrust.nl\\\/wp-content\\\/uploads\\\/2023\\\/09\\\/ISO-27001-2022-ISMS-Cyber-security-DigiTrust.jpg\",\"width\":1600,\"height\":1067,\"caption\":\"ISO 27001 2022 - ISMS - Cyber security - DigiTrust\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.digitrust.nl\\\/nieuws\\\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.digitrust.nl\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Wat zijn de verschillen tussen ISO 27001:2022 en ISO 27001:2013?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.digitrust.nl\\\/#website\",\"url\":\"https:\\\/\\\/www.digitrust.nl\\\/\",\"name\":\"DigiTrust\",\"description\":\"Certificeringen\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.digitrust.nl\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.digitrust.nl\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.digitrust.nl\\\/#organization\",\"name\":\"DigiTrust\",\"url\":\"https:\\\/\\\/www.digitrust.nl\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.digitrust.nl\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.digitrust.nl\\\/wp-content\\\/uploads\\\/2022\\\/05\\\/digitrust-favicon.jpg\",\"contentUrl\":\"https:\\\/\\\/www.digitrust.nl\\\/wp-content\\\/uploads\\\/2022\\\/05\\\/digitrust-favicon.jpg\",\"width\":341,\"height\":341,\"caption\":\"DigiTrust\"},\"image\":{\"@id\":\"https:\\\/\\\/www.digitrust.nl\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/nl.linkedin.com\\\/company\\\/digitrust\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.digitrust.nl\\\/#\\\/schema\\\/person\\\/d0e4f226f50dad6eeef7ca19359315fe\",\"name\":\"Stephan Striekwold\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/38c59d59cde881be1e74101da5b7123fcfbafd8988e188f9b3c7cc3e934bb690?s=96&d=blank&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/38c59d59cde881be1e74101da5b7123fcfbafd8988e188f9b3c7cc3e934bb690?s=96&d=blank&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/38c59d59cde881be1e74101da5b7123fcfbafd8988e188f9b3c7cc3e934bb690?s=96&d=blank&r=g\",\"caption\":\"Stephan Striekwold\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"ISO 27001:2022 vs ISO 27001:2013 | DigiTrust","description":"Last year the new ISO 27001:2022 was introduced, what are the differences from ISO 27001:2013? Read all about it here","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.digitrust.nl\/en\/news\/what-are-the-differences-between-iso-270012022-and-iso-270012013\/","og_locale":"en_GB","og_type":"article","og_title":"ISO 27001:2022 vs ISO 27001:2013 | DigiTrust","og_description":"Vorig jaar werd de nieuwe ISO 27001:2022 ge\u00efntroduceerd, wat zijn de verschillen ten opzichte van ISO 27001:2013? Hier lees je alles op 'n rij","og_url":"https:\/\/www.digitrust.nl\/en\/news\/what-are-the-differences-between-iso-270012022-and-iso-270012013\/","og_site_name":"DigiTrust","article_published_time":"2023-09-04T08:07:53+00:00","article_modified_time":"2025-11-24T15:38:59+00:00","og_image":[{"width":1600,"height":1067,"url":"https:\/\/www.digitrust.nl\/wp-content\/uploads\/2023\/09\/ISO-27001-2022-ISMS-Cyber-security-DigiTrust.jpg","type":"image\/jpeg"}],"author":"Stephan Striekwold","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Stephan Striekwold","Estimated reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.digitrust.nl\/nieuws\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\/#article","isPartOf":{"@id":"https:\/\/www.digitrust.nl\/nieuws\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\/"},"author":{"name":"Stephan Striekwold","@id":"https:\/\/www.digitrust.nl\/#\/schema\/person\/d0e4f226f50dad6eeef7ca19359315fe"},"headline":"Wat zijn de verschillen tussen ISO 27001:2022 en ISO 27001:2013?","datePublished":"2023-09-04T08:07:53+00:00","dateModified":"2025-11-24T15:38:59+00:00","mainEntityOfPage":{"@id":"https:\/\/www.digitrust.nl\/nieuws\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\/"},"wordCount":1292,"publisher":{"@id":"https:\/\/www.digitrust.nl\/#organization"},"image":{"@id":"https:\/\/www.digitrust.nl\/nieuws\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\/#primaryimage"},"thumbnailUrl":"https:\/\/www.digitrust.nl\/wp-content\/uploads\/2023\/09\/ISO-27001-2022-ISMS-Cyber-security-DigiTrust.jpg","articleSection":["Nieuws"],"inLanguage":"en-GB"},{"@type":"WebPage","@id":"https:\/\/www.digitrust.nl\/nieuws\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\/","url":"https:\/\/www.digitrust.nl\/nieuws\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\/","name":"ISO 27001:2022 vs ISO 27001:2013 | DigiTrust","isPartOf":{"@id":"https:\/\/www.digitrust.nl\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.digitrust.nl\/nieuws\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\/#primaryimage"},"image":{"@id":"https:\/\/www.digitrust.nl\/nieuws\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\/#primaryimage"},"thumbnailUrl":"https:\/\/www.digitrust.nl\/wp-content\/uploads\/2023\/09\/ISO-27001-2022-ISMS-Cyber-security-DigiTrust.jpg","datePublished":"2023-09-04T08:07:53+00:00","dateModified":"2025-11-24T15:38:59+00:00","description":"Last year the new ISO 27001:2022 was introduced, what are the differences from ISO 27001:2013? Read all about it here","breadcrumb":{"@id":"https:\/\/www.digitrust.nl\/nieuws\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.digitrust.nl\/nieuws\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.digitrust.nl\/nieuws\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\/#primaryimage","url":"https:\/\/www.digitrust.nl\/wp-content\/uploads\/2023\/09\/ISO-27001-2022-ISMS-Cyber-security-DigiTrust.jpg","contentUrl":"https:\/\/www.digitrust.nl\/wp-content\/uploads\/2023\/09\/ISO-27001-2022-ISMS-Cyber-security-DigiTrust.jpg","width":1600,"height":1067,"caption":"ISO 27001 2022 - ISMS - Cyber security - DigiTrust"},{"@type":"BreadcrumbList","@id":"https:\/\/www.digitrust.nl\/nieuws\/wat-zijn-de-verschillen-tussen-iso-270012022-en-iso-270012013\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.digitrust.nl\/"},{"@type":"ListItem","position":2,"name":"Wat zijn de verschillen tussen ISO 27001:2022 en ISO 27001:2013?"}]},{"@type":"WebSite","@id":"https:\/\/www.digitrust.nl\/#website","url":"https:\/\/www.digitrust.nl\/","name":"DigiTrust","description":"Certifications","publisher":{"@id":"https:\/\/www.digitrust.nl\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.digitrust.nl\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/www.digitrust.nl\/#organization","name":"DigiTrust","url":"https:\/\/www.digitrust.nl\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.digitrust.nl\/#\/schema\/logo\/image\/","url":"https:\/\/www.digitrust.nl\/wp-content\/uploads\/2022\/05\/digitrust-favicon.jpg","contentUrl":"https:\/\/www.digitrust.nl\/wp-content\/uploads\/2022\/05\/digitrust-favicon.jpg","width":341,"height":341,"caption":"DigiTrust"},"image":{"@id":"https:\/\/www.digitrust.nl\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/nl.linkedin.com\/company\/digitrust"]},{"@type":"Person","@id":"https:\/\/www.digitrust.nl\/#\/schema\/person\/d0e4f226f50dad6eeef7ca19359315fe","name":"Stephan Striekwold","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/secure.gravatar.com\/avatar\/38c59d59cde881be1e74101da5b7123fcfbafd8988e188f9b3c7cc3e934bb690?s=96&d=blank&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/38c59d59cde881be1e74101da5b7123fcfbafd8988e188f9b3c7cc3e934bb690?s=96&d=blank&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/38c59d59cde881be1e74101da5b7123fcfbafd8988e188f9b3c7cc3e934bb690?s=96&d=blank&r=g","caption":"Stephan Striekwold"}}]}},"_links":{"self":[{"href":"https:\/\/www.digitrust.nl\/en\/wp-json\/wp\/v2\/posts\/25208","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.digitrust.nl\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.digitrust.nl\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.digitrust.nl\/en\/wp-json\/wp\/v2\/users\/29"}],"replies":[{"embeddable":true,"href":"https:\/\/www.digitrust.nl\/en\/wp-json\/wp\/v2\/comments?post=25208"}],"version-history":[{"count":9,"href":"https:\/\/www.digitrust.nl\/en\/wp-json\/wp\/v2\/posts\/25208\/revisions"}],"predecessor-version":[{"id":29844,"href":"https:\/\/www.digitrust.nl\/en\/wp-json\/wp\/v2\/posts\/25208\/revisions\/29844"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.digitrust.nl\/en\/wp-json\/wp\/v2\/media\/25216"}],"wp:attachment":[{"href":"https:\/\/www.digitrust.nl\/en\/wp-json\/wp\/v2\/media?parent=25208"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.digitrust.nl\/en\/wp-json\/wp\/v2\/categories?post=25208"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.digitrust.nl\/en\/wp-json\/wp\/v2\/tags?post=25208"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}