Stay Ahead with ISO 27001:2022:

Your Guide to Seamless Transition and Implementation.

On Tuesday, October 25th, 2022, ISO released the updated ISO 27001:2022 Information Security Standard. The International Accreditation Forum (IAF) has stipulated a 3-year Transition Period for organizations certified to ISO 27001:2013.

Your Guide to Seamless ISO 27001:2022 Transition and Implementation.

On Tuesday, October 25th, 2022, ISO released the updated ISO 27001:2022 Information Security Standard, replacing ISO 27001:2013 through a managed transition. The International Accreditation Forum (IAF) has stipulated a 3-year Transition Period for organizations certified to ISO 27001:2013. During this period, both old and new standards remain valid, but certified organizations must transition to the new standard before the 31st October 2025. This transition ensures alignment with the latest standards and requirements set forth by ISO and IAF.

ISO 27001:2022 Transition Process

We plan to maintain a clear transition approach that is easy for our clients to comprehend and apply. Our goal is to provide organisations with the guidance and tools to make the transition from ISO 27001:2013 to ISO 27001:2022 as smooth as possible.


The transition process for ISO 27001:2022 includes three primary deliverables:


  1. Initial Meeting: This will be with our IRCA qualified consultant to discuss the changes and how they will impact the organisation; what changes will need to be made to the management system documentation (MSD), and which of the new controls will apply along with what the organisation needs to do to become compliant.
  2. Management System Documentation: Creation of new and/or amended MSD along with supporting you in the work you need to undertake and agree the new and/or amended MSD. This includes the Statement of Applicability (SOA).
  3. Presentation of Management System: Formal handover and presentation of new ISO 27001:2022 Management System


Once our consultancy work is complete, we estimate you will require between 2-12 weeks to evidence that you are following the ISO framework before certification is audited and issued, we can assist with this by either, independent (QAS International), or your chosen UKAS Certification body.


Please note that all work carried out by our consultants will meet both independent and UKAS certification standards.


Maintaining the system will also require an annual surveillance audit by a Certification Body.


In order to discuss this further please book an ISO Benefits Review

Invest in Security, Elevate Your Future: ISO 27001:2022 for Sustainable Growth.