I have audited (Compliance audit and not certification audit) a client in Feb 2015 for ISO 27001 : 2005 standard. I also indicated all 2005 version certificates are expiring by 30th Sep 2015. My client was explaining old standard doesn't expire and as long as he wishes, he can comply to old standard and it is not must to upgrade to 2013 version. Is this correct?
I am afraid that it is not true. This year all certification bodies in the world have to update to ISO 27001:2013, which means that all companies with a certificate of ISO 27001:2005 needs to adapt to ISO 27001:2013. If not, they can lost the certificate, although can maintain the ISMS implemented.
Anyway, there are no main changes in the new revision, so I think that there are no excuses for no updating. Here you can find more information about the transition How to make transition from ISO 27001 2005 revision to 2013 revision : https://advisera.com/27001academy/knowledgebase/how-to-make-a-transition-from-iso-27001-2005-revision-to-2013-revision/