
ISO/IEC 27001 revision

The internationally acclaimed standard for information security management (ISO/IEC 27001) and the accompanying ISO/IEC 27002, ‘Code of practice for information security management controls’, have been revised, with the new versions released in October 2013. You can now work with us to get your ISO/IEC 27001:2013 certificate that is UKAS accredited.


What are the main changes?

  • The revised standard has been written using the new high-level structure, which is common to all new management systems standards. This will make integration straightforward when implementing more than one management system.
  • Terminology changes have been made and some definitions have been removed or relocated
  • Risk assessment requirements have been aligned with BS ISO 31000
  • Management commitment requirements have a focus on “leadership”
  • Preventive action has been replaced with “actions to address risks and opportunities”
  • SOA requirements are similar, with more clarity on the need to determine controls by the risk treatment process
  • Controls in Annex A have been modified to reflect changing threats, remove duplication and have a more logical grouping. Specific controls have also been added around cryptography and security in supplier relationships.
  • There is greater emphasis on setting objectives, monitoring performance and metrics


I’m interested in certifying to ISO/IEC 27001 now – what should I do?

ISO/IEC 27001:2005 is currently still valid. If you are close to implementing your ISO/IEC 27001 management system we can assess you against the ISO/IEC 27001:2005 standard, as long as your visits are completed by 1 October 2014. We can then work with you to complete your transition to the new ISO/IEC 27001:2013 version during your continual assessment visits.

If you are still in the very early stages of adopting ISO/IEC 27001, or unlikely to be able to go through the assessment visits before 1 October 2014, we would recommend that you work towards certification against ISO/IEC 27001:2013.

Return to the ISO/IEC 27001 pages to find out how we can help you on your journey to certification

I’m currently certified to ISO/IEC 27001 – what do I need to do?

We are here to make sure that as an existing ISO/IEC 27001:2005 certification customer you have all the information and tools that you need to understand the changes to the standard. We will work with you to make sure your transition to the new standard is completed as part of your planned certification surveillance visits before the 1 October 2015 deadline. If you haven't started to do so already, please liaise with your client manager to discuss appropriate timescales to complete your transition.

A free transition guide is available, giving you an overview of the main differences and providing pointers on key aspects you should consider.

Download our ISO/IEC 27001 transition guide
Download ISO/IEC 27001 mapping document

The expiry date of my ISO/IEC 27001:2005 certificate extends beyond 1 October 2015. Does this mean I have until this date to complete my transition to ISO/IEC 27001:2013?

Unfortunately not. Whilst certificates are dated for a three-year period, ISO/IEC 27001:2005 will be obsolete from 1 October 2015 and therefore all certificates to the 2005 version of ISO/IEC 27001 expire on this date. If you do not complete your transition to ISO/IEC 27001:2013 before this date your certificate will be cancelled. If you are a BSI client, speak to your client manager to agree timescales for this transition to keep your certification active.


Can I extend the scope of my current ISO/IEC 27001:2005 certificate during the 2-year transition period?

Yes, you can. However, BSI will not issue a certificate to the ISO/IEC 27001:2005 version of the standard after 31st March 2015.


Buy ISO 27001:2013 Standard

ISO has released the final ISO 27001:2013 standard, which is now available for purchase.

Standard Price: INR 10200 /-
(Inclusive of all taxes)

A hard copy of the standard will be provided with no courier charges to you within India. For overseas orders, freight charges will be extra.

To place your order, please call +91 11 2692 9000 or email info.in@bsigroup.com

Know more about ISO 27001

ISO/IEC 27001:2013 transition training

Gives you the additional support to transition from ISO/IEC 27001:2005 to meet the new ISO/IEC 27001:2013 requirements and helps lead auditors gain the skills to review ISO/IEC 27001:2013 systems.

More on ISO 27001:2013 Trainings

 
© The British Standards Institution
