Changes in ISO 27001:2022 – Guidance for Certification and Transition

A highly anticipated standard, relevant not only to all information security professionals but to all digital businesses, is getting an update: ISO 27001:2022. The information security management standard and its code of practice, ISO 27002, were last updated almost a decade ago. A new iteration of ISO 27002 was published in February 2022, and a revised version of ISO 27001 is expected to be published by October 2022.

At Acuity, we are supporting many customers whose ISO 27001-certified information security management systems (ISMS) ‘live’ in STREAM or who are just starting their journey to ISO 27001 certification. This document is therefore meant to provide guidance to anyone looking to get ISO 27001:2022 certification, maintain it or transition to the new version.

This paper has been written by our experts to provide guidance and includes frequently asked questions (FAQs) from our customers about this ISO standard update. We realise this list is not exhaustive.

For any other questions on ISO 27001 ISMS, whether general or regarding STREAM specifically, contact us or request a demo to see STREAM in action.

Acuity Risk Management helps companies protect today and prepare for tomorrow with our award-winning cyber, operational & IT risk management platform STREAM. Purpose-built for risk management from the ground up, Acuity’s STREAM platform provides an integrated view of risk, bringing cyber risk together with IT and operational risks to provide a comprehensive view of risk and compliance across the enterprise. The platform models all of the complex relationships that exist in cyber security risk management and presents the results in business terms via an intuitive user interface, so that security leaders and executives can make informed risk decisions. The executive team draws on its deep expertise and industry experience to continually innovate and help companies prepare and protect themselves while embracing digital transformation.