Guest user Created: Jan 12, 2016 Last commented: Jan 12, 2016

Is the latest 2013 revision of ISO 27001 finalized?

Can you please tell me if the latest revision of the standard is finalised. If yes, the a company who wishes to implement ISMS should follow the latest revision i.e. ISO 27001 - 2013 or the old one.

0 0

Assign topic to the user

Select user

Guest

DejanK Jan 12, 2016

Yes, ISO 27001:2013 is published in September - if you are starting ISO 27001 implementation you should go for the new 2013 revision. These articles will also help you:
- https://advisera.com/27001academy/blog/2013/08/26/implement-iso-27001-according-to-current-2005-revision-or-wait-for-new-2013-revision/
- https://advisera.com/27001academy/knowledgebase/infographic-new-iso-27001-2013-revision-what-has-changed/

Also what should be the approach for an organisation who is already certified and is looking for expanding their scope.

First you have to define exactly your new scope, then amend the ISMS Scope document but also your other policies and procedures accordingly. Finally, you have to ask your certification body to re-certify you with the new scope.

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jan 12, 2016

Expert Advice Community