Is the latest 2013 revision of ISO 27001 finalized?
Assign topic to the user
Yes, ISO 27001:2013 is published in September - if you are starting ISO 27001 implementation you should go for the new 2013 revision. These articles will also help you:
- https://advisera.com/27001academy/blog/2013/08/26/implement-iso-27001-according-to-current-2005-revision-or-wait-for-new-2013-revision/
- https://advisera.com/27001academy/knowledgebase/infographic-new-iso-27001-2013-revision-what-has-changed/
Also what should be the approach for an organisation who is already certified and is looking for expanding their scope.
First you have to define exactly your new scope, then amend the ISMS Scope document but also your other policies and procedures accordingly. Finally, you have to ask your certification body to re-certify you with the new scope.
Comment as guest or Sign in
Jan 12, 2016