ISO 27001 Update: What to Expect

15 Nov, 2022

Why is ISO 27001 being updated?

This is standard practice with ISO. Every five to eight years, International Standards are reviewed by all ISO member bodies to identify whether they are still relevant.

The pandemic has caused a leap in the adoption of technology, with more of us working from home, shopping online and video conferencing than ever before. This has caused a rise in cybercrime. An analysis from Canalys reported more records being compromised in the first 12 months of the pandemic than the previous 15 years combined. 

When was ISO 27001 updated?

ISO 27001:2022 was published at the end of October and will now replace ISO 27001:2013. But don’t panic. You have three years to transition over to the new Standard, however we would recommend you starting the process as soon as possible. This is to ensure you have plenty of time to gain compliance, ensuring it’s stress-free for you.

What has changed?

ISO 27001 has seen a significant change and has been revised to fall in line with other standards. This update includes changes to the Statement of Applicability and Risk Register. The Annex A controls has been regrouped to four broad themes and the overall number of controls has been reduced from 114 to 93. Several of the previous controls has been integrated and new ones added.

What do I need to do?

To understand the changes and how to gain compliance with ISO 27001:2022, we recommend attending one of our ISO 27001 Upgrade Seminars. You can book your place here.

If you’re already a Certification client of ISO QSL, we will be in touch to start your transition to ISO 27001:2022. However, if you have any questions in the meantime, please contact your account manager on 0330 058 5551.

If you’re not currently a Certification client of ISO QSL or have ISO 27001 Accredited certification with a body such as UKAS or INAB, we can still support you through the process with ISO Consultancy. 

Our Assessors have a wealth of experience in supporting clients through updates such as these. We believe in a collaborative and supportive approach, simplifying the process to ensure it remains straightforward and stress-free for you.

You can find out more about our ISO Consultancy services here: https://www.isoqsltd.com/iso-consultancy/ or request a quote here: https://www.isoqsltd.com/request-a-consultancy-quote/.

What if I want to implement ISO 27001?

Then this is a great time to start the process. You can request a quote for ISO 27001 certification here: https://www.isoqsltd.com/request-a-quote/ or alternatively, you can call our friendly team of advisors on 0330 058 5551.