ISO/IEC 27001:2022 was officially published on 25 Oct 2022. Last updated in 2013, the standard has been revised to be more relevant to the latest security threats and technologies. Below are the changes in the ISO/IEC 27001:2022 version:

Major changes in the ISO/IEC 27001:2022 revision

Although the number of controls decreased to 93, 11 new security controls have been added in the new version, as listed below:

5.7 Threat intelligence
5.23 Information security for use of cloud services
5.30 ICT readiness for business continuity
7.4 Physical security monitoring
8.9 Configuration management
8.10 Information deletion
8.11 Data masking
8.12 Data leakage prevention
8.16 Monitoring activities
8.23 Web filtering
8.28 Secure coding

CASSolution can help your business with the following to migrate your current system to the new version:

Transition period and arrangements

According to the Transition Requirements from the IAF (International Accreditation Forum), there is a 3-year transition period from the publication date of the new revision (25 Oct 2022). Therefore, companies that are currently certified against ISO/IEC 27001:2013 need to finish the transition to the new version by 31 October 2025.

Companies already certified against ISO27001:

Companies planning to be certified against ISO27001:

If you want to start implementing the 2022 version of ISO27001, or you would like to transition to the new revision from the 2013 version, you may schedule a FREE consultation with our ISO27001 experts.

WhatsApp: +852 6777-6459