Transitioning to ISO/IEC 27001:2022

In 2022, both ISO/IEC 27001 and 27002 were updated.

This post provides some hints and references on how to transition from ISO/IEC 27001:2013 with Cor 1/2014 and Cor/2015 to ISO/IEC 27001:2022.

FAQs about transitioning to ISO/IEC 27001:2022

How many controls does 27001:2022 have?

Version 27001:2022 annex 1 contains 93 controls, divided into 4 chapters.

My organization is certified in 27001:2013. When do I need to adapt to 27001:2022?

The International Accreditation Forum (IAF) has released a document, classified as a Mandatory Document (MD), coded IAF MD26:2022 and titled “Transition Requirements for ISO/IEC 27001:2022”.

This document states that organizations must adapt their ISMS within a maximum of 36 months, that is, before 2025-10-31.

I already started 27001:2013 certification. What is the deadline to be certified to the older version?

Organizations can be certified on the previous version 27001:2013 until 2024-03-30.

After this date, they will only be able to certify to the ISO/IEC 27001 version in force.

The initial deadline was 2023-10-31, but it was updated.
