As technology continues to evolve and cyber threats become more sophisticated, it is crucial for organisations to stay up to date with the latest information security standards. ISO 27001:2022 is the latest version of the internationally recognized standard for information security management, replacing ISO 27001:2013. While the new version shares many similarities with its predecessor, there are also some important changes that organisations need to be aware of.
At Periculo, we understand the challenges that organisations face when it comes to transitioning from ISO 27001:2013 to ISO 27001:2022. That's why we've developed a comprehensive set of services to help organisations (including our own ISMS) make a smooth and successful transition to the new standard.
We have auditors who have completed the Verified BSI Training Academy transition course to ensure the transition project is completed to the highest standard.
ISO 27001:2022 introduces several changes to the standard, including new requirements for risk assessment, business continuity, and the management of third-party suppliers. Our team has a thorough understanding of these changes and can guide organisations through the transition process.
One great piece of evidence for a requirement within the standard (6.3 Planning of Changes) will be the transition project itself, so it will be extremely important to gather as much evidence as possible to present to the auditor.
Another exciting change to the standard concerns the Annex A controls: these have been reduced in number (through consolidation and removal of controls) and are now grouped into the following categories:
It’s also worth noting that the ISO 27002 document will be actively used for determining and implementing the Annex A controls identified after completing the Statement of Applicability.
In conclusion, transitioning from ISO 27001:2013 to ISO 27001:2022 is essential for organisations to maintain their compliance with the standard. Periculo is dedicated to helping organisations make this transition with ease, and we look forward to working with you to ensure the security of your sensitive information.
Contact us today to learn more about ISO 27001 transition. Find out more about our ISO 27001 services.