Стандарт ISO 27001:2013 был пересмотрен в 2019 году и признан актуальным (" This standard was last reviewd and confirmed in 2019. Therefore this version remains current "), в ближайшие годы его изменение не ожидается...
P.S. Но стоит учитывать, что 2 раза в его текст были внесены мелкие технические корректировки.
Cor.1:2014
Page 12, Subclause A.8.1.1ReplaceControlAssets associated with information and information processing facilities shall be identified and an inventory of these assets should be drawn up and maintained.
with
ControlInformation, other assets associated with information and information processing facilities shall be identified and an inventory of these assets shall be drawn up and maintained.
Cor.2:2015
Page 4, Subclause 6.1.3ReplaceControl d) produce a Statement of Applicability that contains the necessary controls (see 6.1.3 b) and c)) and justification for inclusions, whether they are implemented or not, and the justification for exclusions of controls from Annex A;
with
Control d) produce a Statement of Applicability that contains:- the necessary controls (see 6.1.3 b) and c));- justification for their inclusion;- whether the necessary controls are implemented or not; and- the justification for excluding any of the Annex A controls.
