This gap analysis document provides a simple framework for evaluating your quality management system against the requirements of ISO 27001:2022. It is split into two tables:
- Part 1: new concepts – highlighting the new concepts introduced in ISO 27001:2022 and the related clauses, processes and functional
activities. - Part 2: requirements – highlighting amended clauses, processes and functional activities between ISO 27001:2013 and ISO 27001:2022.
Please complete each table by recording the evidence acquired from one full internal audit against the requirements of ISO 27001:2022. If you are unable to provide evidence of compliance, you may not be ready to complete the transition to ISO 27001:2022. In this case, please inform NQA that you need additional time to prepare for the transition – we will work with you to select a mutually agreeable date to complete the transition.
Please ensure that this completed document and internal audit records are available to your auditor at the opening meeting of your transition audit.
Views: 6
