Expert Advice Community

Guest

ISO 27001:2013 to ISO 27001:2022 Conversion Tool

  Quote
Guest
Guest user Created:   Jun 13, 2023 Last commented:   Jun 13, 2023

ISO 27001:2013 to ISO 27001:2022 Conversion Tool

The tool shows ISO27001:2013 A.18.2.3 splitting between ISO27001:2022 A5.36 A8.8 when you convert it but the tool shows it subsuming into A8.8 when you convert 2013:A.12.6.1 (doesn't mention the split). Can you clarify? Thank you

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jun 13, 2023

First of all, thanks for this feedback.

Please note that this tool follows the ISO 27002 guideline about merging and splitting controls from ISO 27001 Annex A.

Considering that, the converted output for control A.12.6.1 (i.e., control A.8.8) does not mention the split of control A.18.2.3 because this information is not relevant for presenting that information from controls A.12.6.1 and A.18.2.3 are now included in the new control A.8.8 (i.e., it is not necessary to explain that only part of one control is included in the new control, this only would complicate things).

Quote
0 1

Comment as guest or Sign in

HTML tags are not allowed

Jun 13, 2023

Jun 13, 2023

Suggested Topics

Guest user Created:   Jun 09, 2023 ISO 27001 & 22301
Replies: 1
0 0

Question about gap analysis

Guest user Created:   Dec 14, 2022 ISO 27001 & 22301
Replies: 1
0 0

SoA update

Guest user Created:   Nov 18, 2022 ISO 27001 & 22301
Replies: 1
0 0

Clause reference