
ISO:BREAK - ISO 27001 2005 to 2013 ISMS Mapping

Written by Schellman on Nov 20, 2013

It is common for organizations to refer to their ISMS as clauses 4 through 8. However, with the release of the newly revised 2013 version of ISO 27001, organizations will now have to refer to the ISMS requirements as clauses 4 through 10. That’s right: two additional clauses were added. Nonetheless, the addition of two clauses does not result in two additional components of an ISMS. Rather, the management system requirements within ISO 27001:2013 were reformatted so that they now better resemble the format of other ISO management system requirements.

To help organizations better understand how the requirements of the 2005 version of ISO 27001 relate to those of the 2013 version, the Schellman ISO team has compiled a brief mapping. It is important not to assume that the cross references are a one-for-one transition. In fact, the requirements in ISO 27001:2013 resemble those of ISO 27001:2005, and an organization must fully understand the newly revised requirements and identify its own gaps during the transition process.
