ISO27001:2022 Release – What we Know so Far

As we get closer to the expected release of the 2022 version of the ISO 27001 standard for an Information Security Management System, we are getting more and more customers asking about the release, what will happen with the ISO27001 toolkit and what it means for certification and recertification. So, to keep you all informed, we’ve put together a quick update on what we know so far with regards to the imminent release of the ISO27001:2022 standard.

Key dates for the ISO27001 2022 version release

Updated standard issue: Due 30^th October 2022
First date for assessments against the new standard: Expected November 2022
Last date for certification (initial or recertification) against the 2013/17 version of the standard: 18 months from publication (April 2024)
All certificates against the 2013/17 standard withdrawn: 3 years from publication (October 2025)

What are the expected changes?

The ISO27001:2022 standard update is expected to include:

Changes to the Annex A controls to reflect the changes made in the ISO27002:2022 standard update earlier this year
Wording changes to some of the requirement clauses, including the following:
- 2 Understanding the needs and expectations of interested parties
- 3 Determining the scope of the information security management system
- 4 Information security management system
- 3 Organizational roles, responsibilities and authorities
- 1.3 Information security risk treatment
- 2 Information security objectives and planning to achieve them
- 4 Communication
- 1 Operational planning and control
Heading changes, including a new sub-clause 3 Planning of changes

What does this mean for the ISO27001 toolkit?

Well, our toolkit writers have been hard at work putting together the new version of the ISO 27001 ready for the new standard release and this will likely be ready a couple of weeks after ISO release the new version of the ISO 27001 standard, so we’re predicting mid-November based on the current dates.

If you’ve already purchased an ISO 27001 toolkit on or after 1^st April 2021, you will receive version 12 (the updated version) free of charge as part of your lifetime subscription entitlement and you will be notified by email of the new release. For those customers who purchased before 1^st April 2021, you can speak to our team to see if there are any offers available for the new version of the toolkit.

What does this mean for our ISO27001 consultancy and internal auditing services?

Our ISO27001 consultancy team will work towards the key dates above and client preference, whilst providing advice on what’s best for each individual organization.

More ISO27001 resources

CertiKit are a provider of ISO toolkits, consultancy and internal auditing services, and have helped more than 4000 organizations worldwide with their compliance.

For more guidance on implementing the ISO27001:2022 standard, we’ve put together a list of our best free resources including video guides, blogs and downloadable documents.

Free ISO27001 Resources

Get in touch

Privacy Notice

X

Toolkits

Enhanced Gap Assessments

Toolkit Add-on

ISO Consultancy

ISO Internal Audits

Blog ISO27001:2022 Release – What we Know so Far