The new version of ISO27001 was published in autumn 2022. According to the specifications of the International Accreditation Forum (IAF), initial and re-certifications may only be carried out in accordance with ISO27001:2022 from 30 April 2024.
Transition period and conversion to ISO27001:2022
The transition period for the conversion of already certified information security management systems (ISMS) to the new standard ends on 31 October 2025. It can be assumed that from summer 2023 onwards, accredited certification bodies will have expanded their programmes to such an extent that audits according to the new ISO27001:2022 will be possible from autumn 2023 at the latest.
Changes and adaptations to the ISMS and its documentation
However, as is not uncommon with new versions, the changes contained in this case are also associated with adjustments to the ISMS and its documentation. This applies in particular the completely revised and restructured Annex A (resulting from the new ISO27002:2022). But there are also additions and adaptations in the chapters 4 to 10 to be considered.
Consultancy and support in adapting the ISMS
We are happy to advise you on the adaptation of your existing ISMS. In addition to identifying the tasks resulting from the changes, we will also actively help you with the implementation, if required, in order to achieve the maintenance of conformity with the standard.
ISO27001 certification: advice and support on the way to compliance with the standard
If you are thinking about ISO27001 certification, we would be happy to offer you our advice and, if required, our active support on the way to a standard-compliant ISMS. This can include, in particular, the transfer of knowledge in workshops, but also the implementation of an internal audit as well as support in the creation of documents and the introduction of processes.
Further information can be found here.