This ISO27001: 2005 to 2013 Gap Analysis Tool has been created to help organisations who have implemented ISO27001: 2005, to assess themselves and current status of compliance against ISO27001: 2013.
This tool will enable such organisations to identify where they need to make changes, implement new procedures, or phase-out previous controls.
In traditional ITG fashion this gap analysis has been designed to help organisations prioritize their work areas in initial project planning and for final, pre-certification audit review of the ISMS.
It helps organisations to tackle the upgrade of their ISMS to ISO27001: 2013 with direction, identifying to project managers where to start first. The outcome of this tool and the analysis that it provides is the base for organisations to then conduct a detailed, granular approach to assessing their current information security control structure.