United Zhiyie Certification Company ISO27001 domain certification basis conversion passed CNAS review

　　On October 31, the China National Accreditation Service for Conformity Assessment (CNAS) issued an accreditation decision, approving the transition review of United Zhiyie Certification Company's ISO27001 field certification basis.

　　This marks that United Zhiyie Certification Company has completed the transition of certification standards in the ISMS field from "GB/T 22080-2016/ISO/IEC 27001:2013 Information Technology Security Techniques Information Security Management System Requirements" to "ISO/IEC 27001:2022 Information Security, Cybersecurity and Privacy Protection — Information Security Management System — Requirements." Going forward, United Zhiyie Certification Company will provide services to various 27001 clients with higher standard requirements.

　　Background of ISO/IEC 27001:2022 Certification Standard Accreditation Transition

　　The International Organization for Standardization (ISO) released ISO/IEC 27001:2022 "Information Security, Cybersecurity and Privacy Protection — Information Security Management System Requirements" in October 2022, replacing ISO/IEC 27001:2013.

　　The Certification and Accreditation Administration of the People's Republic of China (CNCA) issued Announcement No. 30 of 2015 on September 28, 2015 — "Announcement on the Arrangement of Management System Certification Standard Version Change Work." The announcement clarified the arrangements for conducting certification and related work based on international standards in the field of management system certification that adopts international standards equivalently, during the period between the release of the international standard and the release of the new national standard.

　　Against this background, CNAS carried out the ISO/IEC 27001:2022 certification standard transition activities.

　　Implementation Process of ISO/IEC 27001:2022 Certification Standard Accreditation Transition

　　 1/Application Submission: From January 31, 2023, CNAS accepts special accreditation transition applications submitted by certification bodies. The "ISO/IEC 27001:2022 Certification Standard Version Change Accreditation Transition Application and Evaluation Form" must be completed and submitted to CNAS along with the corresponding supporting materials.

　　2/Transition Review and Conclusion: CNAS completes the transition review and produces the transition review conclusion within one month after accepting the transition application.

　　3/Accreditation Review: Before the certification body's transition arrangements are fully completed, the office review of the certification body after passing the transition review should verify the implementation of the certification body's transition arrangements.

　　United Zhiyie Certification Company's Audit Timeline According to the New Certification Standard

　　After November 1, 2022: Certification certificates issued to initial and recertification clients based on the old certification standard shall not be valid beyond October 31, 2025.

　　After October 31, 2023: Accreditation certificates obtained through the transition accreditation review of the new certification standard will be issued, and new ISMS certification applications based on the new standard will be accepted.

　　After April 30, 2024: Initial certification and recertification projects will be conducted according to the new standard.

　　After August 1, 2025: Clients who have not undergone certification transition supervision will be audited as initial audits.