Transitioning to ISO 27001:2022

As of 30 April 2024, certification bodies can no longer offer (re)certification to the 2013 edition of the Standard.

Even if your organisation’s ISMS was (re)certified to ISO 27001:2013 by 30 April 2024, that certificate will expire on 31 October 2025 – even if it has been in place for less than three years (the normal duration of an ISO management system certificate).

We therefore advise you start adopting the 2022 Standard as soon as you can.

We have everything you need to transition your ISMS to conform to ISO 27001:2022.

Automate your transition: CyberComply
The CyberComply platform simplifies the transition to ISO 27001:2022, automating your compliance needs. Here you’ll be able to:

• Identify risks by selecting assets, threats and vulnerabilities and apply controls to treat and manage them;
• Create auditable logs of data privacy and security incidents, including affected assets, responsible users and estimated losses; and
• Select relevant legislation and meet your legal, contractual and regulatory obligations in line with Clause 4.2 of ISO 27001.

Find out more

Gain the skills to transition: Certified ISO 27001:2022 ISMS Transition Training Course
Train with the ISO 27001 experts to understand the changes and new requirements in ISO 27001:2022.

Find out more

Certified ISO 27001:2022 ISMS Foundation Training Course
Train with the ISO 27001 experts to get a comprehensive introduction to the features and benefits of ISO 27001:2022.

Book now

Certified ISO 27001:2022 ISMS Lead Implementer Training Course
Join our three-day masterclass to gain the essential knowledge and practical skills to effectively implement ISO 27001:2022. This comprehensive course will empower you to confidently protect your organisation’s sensitive information assets, while ensuring compliance.

Book now

Certified ISO 27001:2022 ISMS Lead Auditor Training Course

Designed to equip you with essential knowledge and practical skills, this comprehensive course will ensure you can confidently lead an audit of an ISMS in line with ISO 27001:2022.

Book now

Certified ISO 27001:2022 ISMS Internal Auditor Training Course

Learn how to drive continual improvement within your organisation’s ISMS, and find out how to identify opportunities for improvement and take corrective action to maintain conformity to ISO 27001:2022.

Book now

Get expert help: ISO 27001 Transition Gap Analysis
Our consultants will assess your ISMS against the requirements of ISO 27001:2022, and identify gaps and nonconformities to provide you with a clear roadmap for improvement. We’ll create a revised risk treatment plan, aligned with the updated Standard, offering a strategic approach to strengthen your information security framework.

Download the service description
Enquire about this service

Briefing: Unpacking your ISO 27001:2022 Transition Strategy
In this webinar, produced in association with Perry Johnson Registrars, IT Governance’s CEO Alan Calder explains how to transition your ISMS to conform to ISO 27001:2022.

Green paper: ISO 27001 and ISO 27002 – Transitioning to the 2022 standards

If you’re transitioning your ISMS to conform to ISO 27001:2022, download this free paper and discover:

• An overview of the key changes to both ISO 27001 and ISO 27002;
• Explanations of the ISO 27002 attributes, and how to create and use views;
• Explanations of the 11 new controls and 6 noteworthy merged controls in the 2022 set;
• A transitioning checklist; and
• Our concluding thoughts on the new standards.

Download now