Update to ISO 27001 is coming. Here’s what you need to know

Almost ten years since its last update, ISO 27001, the Information & Data Security Standard, is being updated with a new standard being published in October 2022.

The last few years have seen a fundamental shift in security threats and the measures and controls needed to counter them – this latest update from ISO will see a revised set of controls (Contained in the standard’s Annex A – as per ISO 27002:2022) provided. The ‘core’ management system part of the standard, Clauses 4-10, will see minor changes but still contain clauses relating to the scope, interested parties, context, information security policy, risk management, resources, training & awareness, communication, document control, monitoring and measurement, internal audit, management review, and corrective actions.

IMSM welcome the changes to the ISO 27001 Standard – “As threats and best practice change rapidly it’s important that they are reflected in the world of ISO Standards – this latest update to ISO 27001 will allow us to work with our diverse client base and ensure they are able to stay ahead of the game with data security”

IMSM’s team of consultants have completed a review of the changes and is now ready to support organisations looking to adopt the new controls – whether they are current clients of IMSM or not.

I’m currently implementing ISO 27001 – What should I do?

We advise you to continue with your current implementation – once completed and certified, you have three years to transition to the new standard.

I already hold ISO 27001:2013 – what now?

IMSM has been involved with the upgrade, transition and migration of standards for 25+ years and has a professional, fixed fee and value-added transition package – we advise you to contact us at the earliest opportunity to explore suitable options and ensure you have a plan in place.

I’m thinking of adopting ISO 27001 – What should I do?

The easiest step is to contact one of our specialist consultants below – we’ll be able to talk you through the process, requirements and certification options available to you.