The new version of ISO27001 was published in fall 2022. According to the specifications of the International Accreditation Forum (IAF), initial and re-certifications may only be carried out in accordance with ISO27001:2022 from April 30, 2024.
Transition period and conversion to ISO27001:2022
The transition period for converting already certified information security management systems (ISMS) to the new standard ends on October 31, 2025. It can be assumed that from summer 2023, recognized certification bodies will have expanded their programs to such an extent that audits in accordance with the new ISO27001:2022 will be possible from autumn 2023 at the latest.
Changes and adjustments to the ISMS and its documentation
However, as is not unusual with new versions, the changes included in this case also involve adjustments to the ISMS and its documentation. This applies in particular to the completely revised and restructured Annex A (resulting from the new ISO27002:2022). However, there are also additions and adjustments to be made in standard chapters 4 to 10.
Advice and support in adapting the ISMS
We would be happy to advise you on adapting your existing ISMS. In addition to identifying the tasks resulting from the changes, we can also actively help you with implementation if required in order to maintain compliance with the standard.
ISO27001 certification: advice and support on the path to standard compliance
If you are considering ISO27001 certification, we will be happy to offer you our advice and, if required, our active support on the way to a standard-compliant ISMS. This can include, in particular, the transfer of knowledge in workshops, but also the implementation of an internal audit and support in the creation of documents and the introduction of processes.
Further information can be found here.