Management Systems Certification • 2 mins read
2 mins read
In light of the recent publication of ISO/IEC 27006-1:2024, we are pleased to share our assessment process and timelines for transitioning to the revised standard.
Key updates in ISO/IEC 27006-1:2024:
- Enhanced guidelines for conducting remote audits
- Revised audit time calculation requirements
- Updated Annex E to synchronise with ISO/IEC 27001:2022
- Streamlined requirements for referencing other standards in ISMS certification documents
- Removal of the quantitative requirement for ISMS auditors’ work and training experience.
Transition instructions and timelines:
UKAS has developed a transition plan in line with our current understanding of the forthcoming requirements of IAF MD XX:2024 (detail to be confirmed) and is now ready to assess against the requirements of the new standard. UKAS accredited Conformity Assessment Bodies (CABs) are requested to submit a gap analysis and implementation plan by no later than 30 April 2024.
Action required by UKAS accredited certification bodies:
To ensure a smooth transition, accredited certification bodies are requested to:
Conduct a comprehensive gap analysis detailing the implementation of changes introduced by ISO/IEC 27006-1:2024.
Submit this analysis, along with transition arrangements and evidence of implementation, to your UKAS Assessment Manager by 30 April 2024.
We anticipate an initial assessment effort of approximately 1.25 days to review these changes, subject to the clarity of the submitted information.
Let’s work together:
This is a collaborative journey towards enhanced information security standards. We appreciate your prompt action in aligning with these new requirements and look forward to a seamless transition.
For more details, please view the Technical Bulletin.