What’s New in Version 4?
There’s a lot of new things in version 4. In fact, there are 64 new requirements that you might be looking at by 31 March 2025.
Along with new requirements, version 4 brings extended guidance as part of the Standard itself. Overall, the length of the Standard increases from 139 pages to 360 pages. But what this really means is that in addition to the requirements it also has:
- Customised approach objectives if you’re doing a RoC and looking at a customised testing approach
- Applicability notes to explain how the requirement applies to people, processes, or systems when further clarification is needed
- Information about the purpose / objective of each requirement
- Recommendations for good practice
- Further sources of information
- Definitions of key terms
The Security Standards Council has put a lot of work into adding as much clarification and help as possible to the Standard.