BI.ZONE is first in Russia to become attested to latest ISO/IEC 27001:2022

In October 2022, the International Organization for Standardization (ISO) updated ISO/IEC 27001, the global standard for information security management systems (ISMS). The revised standard adopts a new structure for the information security controls (Annex A), which are now restructured into four categories: organizational, people, physical, and technological.

The latest ISO/IEC 27001 incorporates 11 new controls to embrace the evolving cybersecurity requirements amid a fast‑paced threat landscape. The controls cover threat intelligence, monitoring activities, data leakage prevention, configuration management, web filtering, data masking, information deletion, secure coding, physical security monitoring, security of cloud services, and business continuity management.

The ISO/IEC 27001:2022 audit was carried out by IRCLASS IRQS that specializes in ISO certification and training. BI.ZONE is the first Russian company to get certified to the revised ISMS standard. The expertise gained by the BI.ZONE Consulting team before and during the audit will benefit the clients transitioning to ISO/IEC 27001:2022 and incorporating new security and business continuity controls.

IRCLASS IRQS also assessed the operations of our SOC. The experts confirmed that BI.ZONE TDR (SOC/MDR) meets the updated requirements for the adoption of security controls. Using BI.ZONE TDR will enable companies to comply with clause A 8.16 of ISO/IEC 27001:2022 (Networks, systems and applications should be monitored for anomalous behavior and appropriate actions taken to evaluate potential information security incidents).