The 2022 version is the newest version of ISO 27001. It will replace the 2013 version and key dates are below:

​

• March 2024 - No 2013 new or recertification audits will be conducted.

• June 2025 - Deadline companies need to be certified to the 2022 version.

• September 2025 - Only the 2022 version will be accepted (all 2013 certificates expire).

 

ISO/IEC 27001:2013 Information Security Management is the only auditable international standard which defines the requirements for an Information Security Management System (ISMS). The standard is designed to ensure the selection of adequate and proportionate security controls. This helps you to protect your information assets and give confidence to any interested parties, especially your customers. The standard adopts a process approach for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving your ISM.