Transition to ISO/IEC 27001:2022

Home > Transition to ISO/IEC 27001:2022

Transition to ISO/IEC 27001:2022


ISO/IEC 27001:2022 Information security, cybersecurity and privacy protection — Information security management systems — Requirements standard has been revised at October 2022. New standard was published on October 25th, 2022 ( ) .



New changes in ISO/IEC 27001:2022

  • Different from ISO/IEC 27001:2013, the new version’s complete title is ISO/IEC 27001:2022 Information Security, Cybersecurity and Privacy Protection.
  • Major change of Annex A, Number of controls decreased from 114 to 93 and 93 controls restructured to section 4, 11 new controls added to Annex A
  • Clauses 4 to 10 there are minor updates of the clauses
  • Especially in clauses 4.2, 6.2, 6.3, and 8.1 where additional new content has been added.
  • Other updates include minor changes in the terminology and restructuring of sentences and clauses.


Transition Period of current certificates to ISO/IEC 27001:2023 is 3 Years (36 months). All Certified clients will be completed the transition process until 31 October 2025.

   Transition Requirements Deadline date
Certified client’s Transition Audit With Routine Audit:

ü  Min 0.5 auditor/day for transition audit carried out in conjunction with a recertification audit.

ü  Min 1.0 auditor/day for transition audit carried out in conjunction with a surveillance audit





25 October 2025

(for ITC SRL deadline)

Transition Audit With Special Audit:

Required audit time for review of transition


New client Old revision ISO 27001:2013 certification requests will be accepted until :


31 October 2023
New client ISO 27001:2022 applications will be accepted as initial certification from date :


31 October 2023

The transition process of clients for audit planning before current certificate expiry date or between routine audits time will be decided with client and INTERNATIONAL TESTING AND CERTIFICATION SRL planning personnel.

We announce to all our customers and other interested parties that the transition studies of our Certification Personnel and our Management System documentation for ISMS audits and Certification activities completed as per our ISO 27001:2022 transition plan. We are waiting for IAS Accreditation approval in a soon time and you will see on our Accreditation part ( .


Associated with

Contact Us