ISO 27001 and ISO 27002 2022 updates
ISO/IEC 27001:2022 – the newest version of ISO 27001 – was published in October 2022.
Organisations that are certified to ISO/IEC 27001:2013 have a three-year transition period to make the necessary changes to their ISMS (information security management system).
For more information about ISO 27001:2022 and its companion standard, ISO 27002:2022, and what they mean for your organisation, please visit ISO 27001 and ISO 27002: 2022 updates
Download your copy of ISO 27001:2022 here
Download your copy of ISO 27002:2022 here
Building an ISMS (information security management system) that meets the requirements of ISO 27001 can be a challenging project. Although challenging building an ISMS can assit with your organizations complaince with other laws and requirements such as DFARS (Defense Federal Acquisition Regulation Supplement), the NIST CSF (Cybersecurity Framework), and the NYDFS Cybersecurity Regulations.
ISO 27001’s breadth of applicability can make it difficult for organisations to determine how to apply the Standard effectively and economically, so conducting an ISO 27001 gap analysis is an important starting point when putting a prioritised plan in place.
What is an ISO 27001 Gap Analysis?
An ISO 27001 gap analysis provides a high-level overview of what needs to be done to achieve certification and enables you to assess and compare your organization’s existing information security arrangements against the requirements of ISO 27001.
It is the ideal solution for organizations that need to measure their current state of compliance against the Standard and enables you to scope your ISMS parameters across all business functions.
Watch our video to discover how a gap analysis will help your organisation.
Speak to an ISO 27001 expert today
Get in touch with one of our qualified ISO 27001 specialists for free practical advice on the ISO 27001 gap analysis process. If you are not eligible for the quoted service, please contact us to discuss your requirements and we will provide a quote based on your specific needs.
Inquire about this service
Get a true picture of your ISO 27001 compliance posture
IT Governance’s ISO 27001 Gap Analysis service provides a detailed review of your current information security posture against the Standard's requirements.
The service consists of two key phases – an initial analysis of your existing information security arrangements and documentation, followed by a gap analysis report collating the findings.
Conducted by an ISO 27001 specialist, this service will give you an informed assessment of:
- Your compliance gaps
- The proposed scope of your ISMS
- Your internal resource requirements
- The potential timeline to achieve certification readiness
Additionally, an in-person gap analysis will provide you with the information necessary to develop a strong business case for implementing an ISO 27001-compliant ISMS.
Invest in a gap analysis for your organisation today >>
Why choose IT Governance?
- We are the global pioneer of ISO 27001 – our management team successfully led the world’s first ISO 27001 certification project.
- Our approach has been honed over 15 years, during which time we have trained more than 7,000 professionals on ISMS implementations and audits worldwide and helped more than 600 consultancy clients achieve ISO 27001 certification and compliance.
- Our ISO 27001 consultancy services come with a 100% guarantee that you will achieve certification within the timeline of the agreed project.
- We have a proven and pragmatic approach to assessing compliance with international standards, no matter the size or nature of your organization.
- Our pricing proposals are completely transparent, so you won’t get any surprises.
- You will receive expert advice and guidance from our consultants from the outset to help you develop a business case, allowing you to secure the necessary leadership commitment and investment.
Speak to an expert
One of our qualified ISO 27001 lead implementers is ready to offer you practical advice about the best approach to take for implementing an ISO 27001 project and discuss different options to suit your budget and business needs.