If you are implementing or planning to implement an ISMS (information security management system) that conforms to ISO 27001:2013, the publication of ISO 27001:2022 will likely affect your project.
When can I achieve certification to ISO 27001:2022?
Accreditation bodies such as UKAS (United Kingdom Accreditation Service) must be ready to assess certification bodies against new standards within six months of their publication, so you can already achieve certification against ISO 27001:2022.
All certification bodies must offer certification to only the 2022 edition of ISO 27001 from 30 April 2024.
This means that you can achieve certification against ISO 27001:2013 until 29 April 2024. However, all ISO 27001:2013 certificates will expire or be withdrawn on 31 October 2025 irrespective of how long they have been in place.
The IAF (International Accreditation Forum) confirms this timescale in its revised guidance document.
Can I implement the ISO 27001:2022 controls now?
Yes. In fact, we recommend you do, as we believe ISO 27002:2022 to be an improvement on the 2013 edition. It is much more comprehensive, and provides clearer guidance on control selection and implementation. It is also, unsurprisingly, better suited to today’s security landscape.
If you still want to implement ISO 27001:2013, you can use the new control set instead of the old Annex A. However, you will need to compare the 2022 set against the 2013 set in your SoA (Statement of Applicability). This should be relatively straightforward to do, because ISO 27002:2022 has an annex that compares its controls with the 2013 iteration of the Standard.
ISO 27001 resources
We have everything you need to ensure your ISMS conforms to whichever version of ISO 27001 you want to achieve certification against.
Training courses
Certified ISO 27001:2022 ISMS Foundation Training Course
- Train with the ISO 27001 experts and get a comprehensive introduction to the features and benefits of ISO 27001:2022.
- Industry-leading course developed by the team that led the world’s first successful ISO 27001 implementation project.
- The Ely/online course provides the flexibility of attending our certified COVID-19 secure training centre or booking as an online learner.
- Learn from anywhere with our instructor-led Live Online and self-paced online options that allow you to study your way, keeping travel and costs to a minimum.
- Successful completion of this one-day course and included exam awards the ISO 27001:2022 Certified ISMS Foundation (CIS F) qualification and 7 CPD/CPE points.
Certified ISO 27001:2022 ISMS Lead Implementer Training Course
- Train with the ISO 27001 experts and gain the skills to lead and manage an ISO 27001:2022-compliant ISMS implementation project.
- Industry-leading course designed to help you deliver ISO 27001 compliance and enhance your career as an ISO 27001 professional.
- The Ely/online course provides the flexibility of attending our certified COVID-19 secure training centre or booking as an online learner.
- Learn from anywhere with our instructor-led Live Online or self-paced online options that allow you to study your way, keeping travel and costs to a minimum.
- Successful completion of this three-day course and included exam awards the ISO 27001:2022 Certified ISMS Lead Implementer (CIS LI) qualification and 21 CPD/CPE points.
Certified ISO 27001:2022 ISMS Lead Auditor Training Course
- Train with the ISO 27001 experts and gain the skills to deliver external certification and supplier audits against ISO 27001:2022.
- Industry-leading course designed to help you build your career as an ISO 27001 auditor.
- The Ely/online course provides the flexibility of attending our certified COVID-19 secure training centre or booking as an online learner.
- Learn from anywhere with our instructor-led Live Online and self-paced online options that allow you to study your way, keeping travel and costs to a minimum.
- Successfully completing this five-day course and included exam awards the ISO 27001:2022 Certified ISMS Lead Auditor (CIS LA) qualification and 35 CPD/CPE points.
Certified ISO 27001:2022 ISMS Internal Auditor Training Course
- Train with the ISO 27001 experts and learn how to drive continual improvement within an ISO 27001:2022 ISMS.
- Discover how to identify opportunities for improvement and take corrective action to maintain conformity to ISO 27001:2022.
- The Ely/online course provides the flexibility of attending our certified COVID-19 secure training centre or booking as an online learner.
- Learn from anywhere with our instructor-led Live Online and self-paced online options that allow you to study your way, keeping travel and costs to a minimum.
- Successful completion of this course and included exam awards the ISO 27001:2022 Certified ISMS Internal Auditor (CIS IA) qualification and 14 CPD/CPE points.
Pocket guide
ISO/IEC 27001:2022 – An introduction to information security and the ISMS standard
The perfect introduction to the principles of information security management and ISO 27001:2022.
An ideal resource for anyone wanting a clear, concise and easy-to-read primer on information security, this pocket guide will ensure the ISMS you put in place is effective, reliable and auditable.
Tools
Gap analysis tool
The ISO 27001:2022 Gap Analysis Tool will help your organisation identify the extent to which its information security control stance meets the requirements of ISO 27001:2022.
The tool is designed to support your organisation in the initial project planning of its ISMS security controls, and to quickly and easily map your current information security measures against ISO/IEC 27001:2022 and the Annex A controls aligned to ISO/IEC 27002:2022 requirements.
Documentation toolkit
- Accelerate your ISMS implementation project with more than 140 customisable, ISO 27001-compliant documentation templates.
- Save hours of work with implementation tools and expert guidance from the team who led the world’s first successful ISO 27001 certification project, including:
  - ISMS Overview
  - ISO 27001:2013 and ISO 27001:2022 Gap Analysis Tool
  - ISO 27002:2013 Controls Gap Analysis Tool
  - ISO 27001 Implementation Manager
  - ISO 27001:2013 Documentation Dashboard
- Collaborate easily with multi-user access to the Cloud-based DocumentKits platform wherever you are.
- Get compliant and stay compliant with more than 200 free annual updates – including to ISO 27001:2022.
- Enjoy flexible payment options with a no-obligation annual subscription, which you can cancel at any time (T&Cs apply).
Speak to an ISO 27001 expert
For more information about ISO 27001 and how we can help you implement an ISMS – whatever your size, budget or level of expertise – get in touch with one of our experts today.