Expert Advice Community

Guest

Trying to map additions

  Quote
Guest
Guest user Created:   Dec 01, 2022 Last commented:   Dec 01, 2022

Trying to map additions

Thank you for the last answers (https://community.advisera.com/topic/risk-treatment-and-rtp/#comment=reply-21525).

I have two topics and questions about them. 

I have the new Advisera ISO 27001 2022 Toolkit. I am trying to map additions caused by the new version of the ISO 27001 2022 standard’s main part (clauses 4 to 10) from the Toolkit, e.g. 6.3 and 8.1 among others, but can not seem to find them.

Are the standard’s changes such in nature that they can be seemed already included to the old version of the document templates? or why I can not find them? 

Can ISO 27001 2013 certified company make all the changes required for the new ISO 27001 2022 version, and if compliant, certify against 2022 version in the middle of the 3 year validity period in one of the surveillance audits?

It probably is required to have internal audit done against 2022 version before certification?

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Dec 01, 2022

1 - I have the new Advisera ISO 27001 2022 Toolkit. I am trying to map additions caused by the new version of the ISO 27001 2022 standard’s main part (clauses 4 to 10) from the Toolkit, e.g., 6.3 and 8.1 among others, but cannot seem to find them.

Are the standard’s changes such in nature that they can be seemed already included to the old version of the document templates? or why I cannot find them? 

Answer:  Your first assumption is correct. Please note that changes in the main clauses of the standard are minor and require no changes in the templates like ISMS Scope, top-level Information Security Policy, Risk assessment methodology, etc. 

2 - Can ISO 27001 2013 certified company make all the changes required for the new ISO 27001 2022 version, and if compliant, certify against 2022 version in the middle of the 3 year validity period in one of the surveillance audits?

Answer: Yes, you can make the transition to the 2022 revision during a surveillance audit, but latest by October 2025.

For further information, see:
- ISO 27001 2013 vs. 2022 revision – What has changed? https://advisera.com/27001academy/blog/2022/02/09/iso-27001-iso-27002/

3 - It probably is required to have internal audit done against 2022 version before certification?

Answer:  Your assumption is correct. You will need to perform an internal audit against the 2022 version before certification.  

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Dec 01, 2022

Dec 01, 2022

Suggested Topics