ISO 27001:2022




Transition to the new standard ISO/IEC 27001: 2022

A new version of ISO/IEC 27001 was published in October 2022: 2022, which replaces ISO/IEC 27001: 2013. In addition to the harmonization of content with other ISO management standards, minor changes are made directly to the requirements of this standard, but what has changed significantly, is Annex A with follow-up to the recommendations of ISO/IEC 27002: 2022:

The structure has changed from 114 controls in 14 chapters to 93 controls in 4 chapters:

  • Organizational controls (Chapter 5)
  • People controls (Chapter 6)
  • Physical controls (Chapter 7)
  • Technological controls (Chapter 8)

Change at the level of controls:

  • 11 new controls
  • 23 controls renamed
  • 24 merged controls (of the original 57)
  • 35 identical controls
  • 0 controls removed

Defined 5 new attributes for each control.

Scope of ISO/IEC 27002: 2022 standard grew from 88 pages to 162 pages (English original)

Transition period for implementation of ISO/IEC 27001: 2022 ends on 31 October 2025. At the same time, the Accreditation Body established that one year after the publication of ISO/IEC 27001: 2022 (i.e. from 31.10.2023) all new accredited certificates will only be issued according to ISO/IEC 27001: 2022.






For customers with an existing ISMS system according to ISO/IEC 27001: 2013, we have a transition plan in place to meet the requirements of the new ISO/IEC 27001: 2022 and we provide services:

  • analysis of the status of the organization and proposing the next steps for the transition to the new standard ISO/IEC 27001,
  • identifying, analyzing and assessing risks to new measures;
  • preparing risk treatment plans;
  • updating the ISMS information documentation;
  • implementing the ISMS in the organization’s processes and activities;
  • carrying out internal audits of the ISMS;
  • preparing the organization before carrying out audits by the certification body.





At the same time, we provide training on the requirements of ISO/IEC 27001: 2022 and ISO/IEC 27002: 2002 for:

  • Internal staff
  • Internal auditors
  • External auditors
Contact us and we’ll prepare an individual price offer for you.

Chosen clients