

Trying to map additions

Guest user. Created: Dec 01, 2022. Last commented: Dec 01, 2022

Thank you for the last answers (https://community.advisera.com/topic/risk-treatment-and-rtp/#comment=reply-21525).

I have two topics and questions about them. 

I have the new Advisera ISO 27001 2022 Toolkit. I am trying to map additions caused by the new version of the ISO 27001 2022 standard’s main part (clauses 4 to 10) from the Toolkit, e.g. 6.3 and 8.1 among others, but cannot seem to find them.

Are the standard’s changes of such a nature that they can be seen as already included in the old version of the document templates? Or why can I not find them?

Can an ISO 27001 2013 certified company make all the changes required for the new ISO 27001 2022 version and, if compliant, certify against the 2022 version in the middle of the 3-year validity period in one of the surveillance audits?

It probably is required to have an internal audit done against the 2022 version before certification?


Expert
Rhand Leal Dec 01, 2022

1 - I have the new Advisera ISO 27001 2022 Toolkit. I am trying to map additions caused by the new version of the ISO 27001 2022 standard’s main part (clauses 4 to 10) from the Toolkit, e.g., 6.3 and 8.1 among others, but cannot seem to find them.

Are the standard’s changes of such a nature that they can be seen as already included in the old version of the document templates? Or why can I not find them?

Answer: Your first assumption is correct. Please note that changes in the main clauses of the standard are minor and require no changes in the templates like ISMS Scope, top-level Information Security Policy, Risk assessment methodology, etc.

2 - Can an ISO 27001 2013 certified company make all the changes required for the new ISO 27001 2022 version and, if compliant, certify against the 2022 version in the middle of the 3-year validity period in one of the surveillance audits?

Answer: Yes, you can make the transition to the 2022 revision during a surveillance audit, but by October 2025 at the latest.

For further information, see:
- ISO 27001 2013 vs. 2022 revision – What has changed? https://advisera.com/27001academy/blog/2022/02/09/iso-27001-iso-27002/

3 - It probably is required to have an internal audit done against the 2022 version before certification?

Answer: Your assumption is correct. You will need to perform an internal audit against the 2022 version before certification.
