The International Accreditation Forum (IAF) has released new requirements for the transition to the ISO/IEC 27006-1:2024 standard

This standard covers information security, cybersecurity and privacy protection, and is intended for bodies auditing and certifying information security management systems (ISMS).

IAF MD 29, published on 21 May 2024, contains requirements for the transition from previous versions of ISO/IEC 27006:2015 and ISO/IEC 27006:2015/Amd 1:2020 to the new standard. Key changes include improved requirements for remote audits, updated audit time calculations, and alignment of applications with new ISO/IEC 27001:2022 requirements. The document also removes redundant and quantitative requirements for the experience and training of ISMS auditors.

Accreditation bodies must be ready to assess compliance with the new standard by December 31, 2024, and certification bodies by March 31, 2025. The full transition must be completed by March 31, 2026(IAF)​(IAF)​.

These new requirements are aimed at improving the quality and consistency of information security audits and certifications, which is especially important in the face of growing threats in cyberspace and the increasing importance of data protection.

For more information and access to the document, please visit the IAF​ (IAF)​​ (IAF)​ official website.
Contact us
Phone: +49 91128707018
Address: Fürther Str. 27, 90429, Nürnberg, Germany
Quick links
Copyright © 2021 Company GIC GmbH. All rights reserved.
This website uses cookies to ensure you get the best experience