Dear stakeholders, as it is known, the ISO / IEC 27001 standard was revised in October 2022.
ISO 27001:2022 transition can be approved in surveillance audit or recertification audit.
1) Minimum 0.5 audit days for transition audit when performed in conjunction with a recertification audit.
2) When it is carried out in conjunction with the surveillance audit or as a separate audit, thetransition to ISO 27001:2022 can be achieved by adding a minimum of 1.0 audit days for thetransition audit.
Efforts to transition to the new version should include, but are not limited to, at least the following:
– Gap analysis for ISO/IEC 27001:2022 and the need for changes in your ISMS;
– updating the Statement of Applicability (SoA);
– Updating the risk improvement plan, if any;
– Implementation and effectiveness of new or changed controls selected by you.All certifications based on ISO/IEC 27001:2013 will expire or be withdrawn at the end of the transition period (31 October 2025).
No Activity to be Done Deadline 1. Completion of receipt of initial certification applications for ISO/IEC 27001:2013 by IFC GLOBAL 31 October 2023 2. Receipt of initial certification applications for ISO/IEC 27001:2022 by IFC GLOBAL After approval by TURKAK/IAS 3. IFC GLOBAL conducts initial certification audits for ISO/IEC 27001:2022 After approval by TURKAK/IAS 4. Completion of migration of certified customers to ISO/IEC 27001:2022 October 31, 2025