Key changes for ISO 27001:2022 and how we can help you transition

Is your organisation certified under ISO 27001?

Have you transitioned to the new (2022) version of the standard? And did you know that all certifications have to be transitioned to this new version by October 30, 2025?

If not, we can help you transition with ease.

The 2022 revision introduces enhancements to address evolving security challenges, ensuring your Information Security Management System (ISMS) remains relevant, robust and future-proof.

Transitioning might seem like a daunting task, but that's where our consultants come in. As experts in ISO 27001, we offer a range of tailored services to guide your organisation through the process, from a gap analysis to proven advice and solutions to address the new requirements. We can often help identify other improvements to your ISMS that may reduce risk or streamline processes to ensure it’s an effective tool.

The 2022 update introduces several notable changes aimed at enhancing the ISMS. Some of these are in clauses 4 to 10, but the majority refer to the Annex A controls. Whilst there is a reduction in the total number of controls required, 11 new controls have been introduced to address emerging cybersecurity challenges, such as:

  • Threat intelligence (A.5.7)

  • Information security for cloud services (A.5.23)

  • ICT readiness for business continuity (A.5.30)

  • Configuration management (A.8.9)

  • Data masking (A.8.11)

  • …and more

The controls have also been reorganised into four categories: organisational, people, physical, and technological.

These updates aim to simplify and improve alignment with modern cybersecurity practices and ensure organisations can effectively manage risks in an increasingly digital world.

We have found transitions often serve as an opportunity to review and simplify policies, as well as update risk assessments and statements of applicability.

Most certification bodies have required additional assessment time for the transition, so they’ll have plenty of opportunity to dissect your ISMS and check that it complies. We can ensure you feel confident that you have all the components in place and support you at your transition assessments to ensure it all runs smoothly and you get a positive recommendation.

Whether you're looking for strategic advice, hands-on support, or simple guidance, we're here to help. Let's work together to ensure your business stays ahead in the ever-evolving landscape of information security.

Contact us today to begin your journey towards compliance with the updated ISO 27001 standard.
