Transition to MD 26:2023 Transition Requirements for ISO/IEC 27001

Bulletin date:

2023-06-12

Bulletin number:

2023-05

Action required

Take note that a new version of IAF MD 26 Transition Requirements for ISO/IEC 27001 (PDF) was released in February 2023.

Affected customers

All SCC-accredited Information Security Management Systems Certification Bodies, applicants, assessors and other relevant interested parties.

Background

ASB Accreditation Bulletin #2022-25 includes background information about ISO/IEC 27001:2022.

New requirements

The document contains clarifications and editorial changes.

It includes a deadline amendment:

initial certification and recertification by the CAB to ISO/IEC 27001:2022, to begin no later than April 30, 2024 (18 months from the last day of publication month of ISO/IEC 27001:2022).

Deadline

SCC will evaluate whether CABs have transitioned to certify to ISO/IEC 27001:2022, no later than August 31, 2023, preferably at their next scheduled assessment.

All deadlines are included in MD 26:2023 on page 8.

Questions?

Please contact Abdel Kassou, Manager, Compliance and Assessment Services, at abdel.kassou@scc-ccn.ca or +1 613 238 3222 for more information.