What has changed?

One of the key changes that has occurred is the update of Annex A to reflect ISO/IEC 27002:2022. Some of the key changes consist of:

  • Category Restructure
  • 11 new controls
  • 24 merged controls
  • 58 updated controls

We are hosting a webinar to talk about the transition process and what it means for your organisation to help with the shift. Our presenters will give you insight into how organisations will need to revisit their risk assessments to evaluate whether new risk treatments need to be applied as a result of changes to the controls and will assist you in applying the standard in your own organisational setting.

Major topics of discussion

  • Key Changes in ISO 27001:2022
  • New themes and attributes in the controls outlined in ISO 27002
  • Transition Timelines for your next Assessment
  • Q+A Session
  • General Tips to ensure you successfully transition

What Is the Transition Timeline?

  • The new version of the ISO 27001:2022 was released on October 25th 2022
  • Clients will have a 3 year to formally transition to the updated standard
  • The audit can be performed at any time during any scheduled audit or can be undertaken as a special audit
  • For organisations applying for certification now will be assessed against the new version of the standard
  • Extra Duration and time will be granted for auditors for clients transitioning from ISO 27001:2013 to new version of the standard
  • For organisations certified to ISO 27001:2013, any non conformances raised against the additional requirements in the 2022 version will be raised as opportunities for improvement and will need to be closed out before the transition period