Service – ISO 27001 ISMS 2022 Precertification Uplift
ISO 27001 ISMS 2022 Precertification Uplift
Repair
Are you ready for October 2025?
ISO/IEC 27001:2022 released 24th October.
Initial certification and recertification to ISO/IEC 27001:2022 only, from 1st May 2024.
All ISO/IEC 27001:2013 certificates shall expire or be withdrawn no later than 31st October 2025.
Recertification Due
Day(s)
:
Hour(s)
:
Minute(s)
:
Second(s)
Purpose
Review and update of your existing ISMS artifacts against the ISO27001:2022 ISMS standard to enable you to undertake your recertification audit.
Scope and Exclusions
Your ISMS must have a current ISO 27001:2013 certification. The scope of the engagement is limited to a gap analysis of the new requirements and reorganisation of ISO 27001:2022 standard.
Happy to discuss if you are just starting your ISMS journey or require a full maturity assessment.
Deliverables
- High-level maturity assessment report to identify any issues relating to the scope
Stage payment – $2,000 AUD upon delivery - Updated ISMS artifacts to comply with ISO 27001:2022.
Stage payment – $6,000 AUD, artifact delivered upon payment - Final report, presentation and sign-off
Stage payment – $2000 AUD
Pricing and Duration
This is a fixed price engagement for $10,000* AUD.
The duration* is expected to take no more than one month, but this can be negotiated based on resource availability. The timeframe can be compressed or extended as necessary.
* This price and duration assume your ISMS is functional and compliant. The engagement will commence with a brief high-level review to assess your ISMS status. A short report will identify the high-level issues and their impact on the engagement scope and the ISMS generally. If any issues impact the engagement scope of work, all parties must renegotiate the scope, price, and duration. If no agreement is possible, then each party agrees to terminate the engagement, with the client paying a $2,000 AUD cancellation fee for work already undertaken.
* The duration also assumes that the ISMS artifacts (including but not limited to policies, standards, registers, guidelines, and procedures) are readily available and provided to the assessor promptly. The client will ensure that relevant people are available throughout the engagement to attend workshops and interviews, answer queries, and provide timely reviews of deliverables.
Approach
- Understanding your organisational context
Initial questionnaire and engagement workshop covering the scope and explaining the changes and impact of what 27001:2022 brings. - High-level broad ISMS gap analysis
Gap analysis against client-provided ISMS artifacts, general assessment of ISMS maturity, short maturity report with issues impacting engagement and your ISMS generally, and engagement review meeting. - Detailed review and update of ISMS artifacts to comply with 27001:2022
Update your existing ISMS artifacts to comply with ISO 27001:2022 standard, including any subsequent amendments. - Client review and workshop of updated artifacts
Review of observations, findings and updated artifacts. Deliverables update to accommodate feedback and requests. - Final report and engagement closure
Final report including executive summary, observations, recommendations, and presentation, Engagement closure with engagement review.
All assessments are conducted by a BSI Certified Information Security Management Systems (ISO 27001:2022) Lead Auditor.