In simpler terms, while ISO 27001 tells you what to secure, ISO 27022 provides guidelines on how to integrate security into the System Development Life Cycle (SDLC). It bridges the gap between software developers and security managers.
The process-oriented approach simplifies the integration of the ISMS with other management systems, such as Quality Management (ISO 9001) or IT Service Management (ISO 20000). iso 27022 pdf