Expert Advice Community

Transition from ISO 27001:2005 to 27001:2013 standard

Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

I wanted to know about the transition from the ISO 27001:2005 to the 27001:2013 standard. If some company is 27001:2005 certified and their certification is expiring in 2014, on which version do they need to get audited and certified? In how much time can a company make the transition from ISO 27001:2005 to the new one?

DejanK Jan 12, 2016

Theoretically, until September 25, 2014 you can (re)certify against the old 2005 revision of the standard, but I wouldn't recommend that - I think it is much better to transition to the new 2013 revision and then re-certify.

Transition is rather easy; for a smaller company it might take ca. 1 month, whereas larger companies should be able to do it in a couple of months. See also this article: How to make a transition from ISO 27001 2005 revision to 2013 revision: https://advisera.com/27001academy/knowledgebase/how-to-make-a-transition-from-iso-27001-2005-revision-to-2013-revision/
