Offtopic - ISO 27001:2013 mapping to 2022

We have published a mapping in between 27001 versions 2013 and 2022. The focus of this document is on the “Annex” controls (27002).

Link: Compliance Management | Eramba learning portal

Note: mappings are incredibly subjective stuff, so please review it before importing to make sure you agree on what we think are the right mappings.

If you are upgrading from 2013 to 2022, you can use this mapping to simplify the migration in eramba. The steps we would take to upgrade from 2013 to 2022 are:

1- Create a new compliance package for ISO 27002:2022
2- Import the mappings at Compliance Management / Compliance Mappings, you might need to update the first and the fourth column with the name you used for your compliance packages. Also we assume that you have used eramba’s provided 2013 package.
3- After the import completes, go to Compliance Analysis and make sure that requirements for ISO 27002:2022 have been updated with Internal Controls and Policies.
4- You can now go to Compliance Management / Compliance Mappings and remove all mappings you imported on step #2.