From training and gap analysis, through to delivering audits – support from LRQA’s team of experts is available to organisations worldwide as they adopt the new standard
The new version of the ISO 27001 standard helps organisations to manage controls more effectively by grouping them into four clear ‘themes’ – organisational, people, technological and physical. This key change aims to achieve greater clarity, focus and accountability for information security within an organisation.
The standard also features the recently updated information security controls outlined by ISO 27002:2022 – representing the most significant revision. There are now 93 controls instead of 114; 11 are new additions, whilst others have been merged or removed.
LRQA’s area representatives based across Europe, Asia and the Americas will support our global ISO 27001 clients in making a successful transition, as well as engaging with new clients across multiple industries and sectors who are at the beginning of their journey.
Organisations with existing ISO 27001:2013 certification will have three years to transition to the new standard, and LRQA’s team of experts will provide support at every stage with a comprehensive range of services.
Rob Acker, LRQA Technical Manager for Information Security, commented:
“The updated ISO 27001 standard is a reminder of the assurance community’s commitment to upholding risk management best practices in the face of a complex and changing threat landscape. Organisations will need to revisit their risk assessments to determine whether new risk treatments need to be implemented, and LRQA is committed to supporting that process with a range of ISO 27001:2022 services.”