Harris QMS Expert

HIGHLIGHTING YOUR FAQS ON THE NEW VERSION OF ISO/IEC 27001:2022. PART 1

The new version of ISO 27001:2022, introduced on October 25, 2022, is a moderate update to ISO 27001, the international standard for information security management. This new version introduces several changes and innovations that will assist organizations in enhancing their information security management and provide unique opportunities in the business world for years to come.

In this article, we will answer your most frequently asked questions regarding the differences between the new version of ISO 27001:2022 and the previous version. Additionally, we will emphasize the practical benefits of certification for businesses in 2023, enabling you to confidently enhance your information security and gain a competitive advantage in your industry.

An ISO certificate under the new version of ISO 27001:2022 gives industry leaders hidden competitive advantages
International certification under ISO 27001:2022 allows businesses to gain a hidden competitive advantage to take over the industry and increase their lead over their competitors.

Will Changes in ISO/IEC 27001:2022 Impact Our Current ISO 27001 Certificate?

Great news! The new changes in ISO/IEC 27001:2022 will not have any impact on your current ISO/IEC 27001 certificate. However, if you would like to obtain certification based on the updated standard, please fill out the form below to request a customized offer.

Furthermore, if you're interested in ISO/IEC 27001 Transition Training, you can find more information through our partners. Kindly leave us a brief message in the contact form, and we will provide you with the latest available courses in a personal message.


What’s the Difference? ISO/IEC 27001 vs ISO/IEC 27002?

It's worth noting that ISO/IEC 27002 is a supporting standard containing guidance, and not requirements. Organizations cannot be certified against it, but professionals can.

Have you heard about ISO/IEC 27001 and ISO 27002? They are both related to IT security and information security management systems. Although they may seem similar, they have distinct differences.

ISO/IEC 27001 is a standard for information security management systems. It provides a list of compliance requirements that organizations and professionals can be certified against. This standard helps organizations establish, implement, maintain, and improve their information security management system (ISMS).

Originally known as ISO/IEC 17799, this standard has been around since the early '90s. In 2005, it was revised and published under the name ISO/IEC 27001. To stay up-to-date with technological advancements and address the latest security threats, ISO/IEC 27001 underwent a revision in 2013, resulting in a new version. Although the standard had another revision in 2019, the same version remains current.

Another standard that is part of the ISO/IEC 27000 ISMS family and closely related to ISO/IEC 27001 is ISO/IEC 27002. This standard helps tailor information security management systems to the specific context of organizations. It provides guidelines for selecting and implementing appropriate information security controls listed in Annex A of ISO/IEC 27001. ISO/IEC 27002 offers more detailed and comprehensive information regarding these controls.

It is important to note that ISO/IEC 27002 is a supporting standard that offers guidance, rather than requirements. Organizations cannot be certified against it, but professionals can.

When is the deadline to upgrade to the new version of ISO 27001:2022?

The deadline to upgrade to the new version of ISO 27001:2022 is October 31, 2025. Accredited certification bodies have a 12-month transition period starting from October 31, 2022, while organizations have a 36-month transition period. Don't miss out on enhancing your information security!


We are currently planning to participate in a tender. Could you please advise on the most suitable version of the standard to obtain ISO 27001 certification?

If you work in IT, telecommunications, cloud storage, or handle confidential information and are involved in tenders or planning to make new deals with large businesses from the EU, UK, Canada, USA, or developed countries in Southeast Asia and the Middle East, including Singapore, Malaysia, South Korea, Indonesia, Australia, and UAE, it is of vital importance to consider obtaining certification according to the new version of the ISO 27001:2022 standard ASAP.

By undergoing certification audits for the new version of the ISO/IEC 27001:2022 standard in 2023 or 2024, you can stay ahead of not only the majority of competitors, but also the industry as a whole, by at least 1-2 years. Obtaining the international ISO 27001:2022 certificate will allow you to strategically leverage this advantage, outperforming many companies that will transition to the new version of ISO/IEC 27001:2022 by the end of October 2025.


If you have any questions, feel free to reach out to us using the button below or the contact form. Or just drop us a line in the comments below. We're here to help!

Are you interested in getting a customized offer for the latest version of the ISO 27001:2022 standard for your particular business? Just click on the button below and we'll take care of that for you. Exciting, right?




