Connor Bell
May 12, 2023
5 Min Read

Transitioning from ISO 27001:2013 to ISO 27001:2022: How Periculo Can Help

As technology evolves and cyber threats become more sophisticated, organisations need to keep pace with the current information security standards. ISO 27001:2022 is the latest version of the internationally recognised standard for information security management systems (ISMS), replacing ISO 27001:2013. The new version keeps most of the structure of its predecessor, but it also introduces changes that organisations holding, or working towards, certification need to understand.

At Periculo, we understand the challenges that organisations face when transitioning from ISO 27001:2013 to ISO 27001:2022. That's why we've developed a set of services to help organisations make a smooth and successful transition to the new standard, and we are applying the same approach to the transition of our own ISMS.

Our auditors have completed the BSI Training Academy transition course, so the transition project is delivered to the standard a certification body will expect.

Overview of the changes in the ISO 27001:2022 standard:

ISO 27001:2022 introduces several changes to the standard, including new requirements around risk assessment, business continuity, and the management of third-party suppliers. Our team has a thorough understanding of these changes and can guide organisations through the transition process.

The transition project itself is strong evidence for clause 6.3 (Planning of changes), a new requirement in the 2022 edition. Keep a record of the transition as you go (the plan, the gap analysis, decisions taken, and the updated documents) so that you have a complete evidence trail to present to the auditor.

Another significant change is to the Annex A controls. They have been reduced in number (from 114 to 93, largely by consolidating overlapping controls) and are now grouped into the following four categories:

  • Organisational
  • People
  • Physical
  • Technological 

It's also worth noting that ISO 27002:2022, which provides implementation guidance for each Annex A control, will be used actively when determining and implementing the controls you have marked as applicable in your Statement of Applicability.

Our services include:

  1. Gap Analysis: We'll conduct a thorough assessment of your organisation's current ISMS to identify any gaps between your current practices and the requirements of the new standard.
  2. Training and Awareness: We'll provide your team with the necessary training and awareness to understand the new requirements of ISO 27001:2022 and ensure that your organisation is prepared for the transition.
  3. Documentation: We'll work with your organisation to update and revise your ISMS documentation, including policies, procedures, and risk assessments, to ensure compliance with the new standard.
  4. Implementation Support: We'll provide support and guidance throughout the implementation process, ensuring that your organisation is on track to meet the requirements of ISO 27001:2022.
  5. Certification Readiness: We'll work with your organisation to ensure that you're ready for the Stage 2 audit by conducting internal audit activities against the new requirements, so that nothing is left unexamined before the certification body arrives.

In conclusion, transitioning from ISO 27001:2013 to ISO 27001:2022 is essential for organisations to maintain their certification: certificates issued against the 2013 edition must be transitioned by 31 October 2025. Periculo is dedicated to helping organisations make this transition with ease, and we look forward to working with you to ensure the security of your sensitive information.

Contact us today to learn more about the ISO 27001 transition. Find out more about our ISO 27001 services.