+31 (0)73 - 220 2000 | info@brandcompliance.com
English
  • Dutch
  • English
Brand Compliance
  • A certification body
    • Accreditations, Conditions & Regulations
  • ISO 27701 certification & audit
  • Directions
Application certification process
  • About us
    • Accreditations
    • Vacancies
    • Compliment, complaint or tip
    • Privacy Statement
  • Knowledge base
  • News
  • Quality
    • Application certification process
    • ISO 9001
    • ISO 22301
    • Private Lease Quality Mark
    • Compliance Audits
    • Gap analysis
  • Information Security
    • Application certification process
    • ISO 19770-1
    • ISO 27001
    • ISO 27017 and ISO 27018
    • Baseline Information Security Government (BIO)
    • NEN 7510
    • ISAE 3402
    • SOC 2 statement
    • Gap analysis
  • Privacy
    • Application certification process
    • White paper GDPR certification mechanism
    • Certification criteria BC 5701:2022
    • BC 5701 (GDPR)
    • ISO 27701
    • Gap analysis
  • Academy
    • BC5701 Implementation Professional (GDPR)
    • OT Cyber Security using IEC 62443 (OT security)
    • Free online training ISO 27001:2022
    • ISO 27001 Lead Implementer training (version 2022)
    • ISO/IEC 19770-1 Practitioner course
    • Request training
  • Contact
    • Contact Form
    • Application certification process
    • Introductory meeting
    • Directions

Kennisbank

Certification process

10
  • Checklist certification
  • Do you have your first audit soon?
  • How long does ISO certification take?
  • What is a certification cycle?
  • Applying for a certification process
  • Initial audit Stage 1
  • Initial audit Stage 2
  • Nonconformities management system
  • Certificate suspended or revoked? This is how you solve it!
  • Transfer of certification

General

8
  • The Brand Compliance glossary
  • What is a management system?
  • Internal or external audit?
  • Find out more about internal audits
  • Tips to describe a proper scope
  • Accreditation versus certification
  • The differences between ISO 27001 and NEN 7510
  • The use of certification logos

ISO 27001:2022

2
  • ISO 27001:2022 – FAQ transition
  • ISO 27001:2022 – Transition process

Best practices

3
  • Mastering GDPR compliance: best practices
  • Excelling in information security: best practices
  • Quality Management: best practices for success

White papers

2
  • White paper management system audits
  • White paper GDPR-certification mechanism

ISO 27001:2022 – Transition process

In this article we describe the planned process for the transition from ISO 27001:2017 to ISO 27001:2022. We try to inform you as well as possible about how we deal with offering, planning and conducting audits, issuing certificates and the costs. 

Would you rather be talked through the changes in ISO 27001:2022? We also provide free ISO 27001:2022 transition training. An ISO 27001 auditor will explain everything about the changes in this training.

ISO 27001:2022Version 2017 or 2022?  #

As of February 1, 2023, we offer new customers proposals for ISO 27001:2022 certification processes. 

Customers who have already received a proposal for ISO 27001:2017 are basically audited against that version of the standard. However, an initial ISO 27001:2017 audit may no longer be performed after 1 May 2024. This means that if you wish to start a certification process after 1 May 2024, you must have set up your management system based on ISO 27001:2022. This also applies to recertifications, these can no longer be performed against the old version of the standard after this date.

Transition audit ISO 27001:2022 #

If your organization already is certified for ISO 27001:2017, a transition audit must take place to the new version of the standard. Preferably, this transition audit is scheduled as a separate audit, so that both you and the auditor can fully focus on the changes in the management system. 

The following steps must be planned and carried out for the transition audit: 

  • When you are ready (or know when you will be ready) for the audit to take place, please contact us at: planning@brandcompliance.com, +31 (0) 73 220 20 30. Your audit will then be scheduled by a Brand Compliance Customer and Project Coordinator. 
  • You will receive an audit plan with the subjects that will be discussed at least during the transition audit. 
  • The transition audit takes half a day, for which the agenda below will be used.
    • Opening meeting;
    • Explanation from you on the transition to the new standard;
    • Audit on the changes in the ISMS (gap between ISO 27001:2017 and ISO 27001:2022);
    • Audit on the updated Statement of Applicability;
    • Audit on the update of the risk treatment plan;
    • Audit on the implementation and effectiveness of the new or changed controls chosen by you. You must determine this by means of an internal audit and management review in relation to the new standard;
    • Closing meeting.
  • Our auditor prepares an audit report. 
  • You will receive the report after it has been internally reviewed. 
  • If nonconformities are found, you will be given a term to deal with them. 

When the conditions of ISO 27001:2022 are met, the time has come for you to receive a new certificate! The ISO 27001:2022 certificate will contain the same expiration date as your current certificate. 

Transition activities  #

For the above activities, at least one day of work will be delivered; this includes: 

  • The audit; 
  • Drafting the report; 

After the audit day, the following activities will be carried out for you:

  • The administrative handling of the audit; 
  • The certification process; 
  • Drawing up, registering and issuing the new certificate. 

If nonconformities are found during the audit, Brand Compliance may need more time in total to complete the transition process. 

Transition period ISO 27001:2022 #

The transition period has an end date of October 1, 2025. If the requirements of the new ISO 27001:2022 are not met at the end of this period, the current certificate will be revoked. 

Additional information  #

Any further questions regarding the transition process? View the FAQ or our news article about accreditation. You can also contact Brand Compliance at info@brandcompliance.com on telephone number +31 (0)73 220 2000.

Share This Article :
  • Facebook
  • Twitter
  • LinkedIn
Still stuck? How can we help?

How can we help?

Updated on 28 September 2023
ISO 27001:2022 – FAQ transition
Inhoud
  • Version 2017 or 2022? 
  • Transition audit ISO 27001:2022
  • Transition activities 
  • Transition period ISO 27001:2022
    • Additional information 

Accreditation

RvA C548Brand Compliance B.V. has accreditation (C548) to certify ISO 27001, NEN 7510 and ISO 9001 scope 33 information technology and 35 other services.

Brand Compliance B.V.

Hambakenwetering 8D2
5231 DC ‘s-Hertogenbosch

+31 (0)73 220 2000
info@brandcompliance.com

Chamber of Commerce nr.: 32101659
VAT nr.: NL8130.78.854.B01

Brand Compliance Belgie B.V.

Uitbreidingstraat 66
2600 Berchem (Antwerpen)

+32 (0)14 48 0730
be-info@brandcompliance.com

VAT nr.: BE0735.675.516

Brand Compliance Nordics AB

Vasagatan 16 2 TR
111 20 Stockholm

+46 73 157 7805
info@brandcompliance.com

Org.nr: 559238-1387

© Copyright 2023 Brand Compliance
Thank you for your rating!
Thank you for your rating and comment!
This page was translated from: Dutch
Please rate this translation:
Your rating:
Change
Please give some examples of errors and how would you improve them: