The ISO 27001:2022 Gap Analysis Tool will help your organisation identify the extent to which its control stance meets the guidance in the Standard.
This tool is designed to support your organisation in its initial project planning of the ISMS (information security management system) security controls, and quickly and easily map your current information security measures against ISO/IEC 27001:2022 and Annex A controls aligned to ISO/IEC 27002:2022 requirements. The ISO 27001 requirements and Annex A reference control categories are on different tabs within the workbook, so you can clearly establish areas for development and plan and prioritise your project effectively.
There is also an executive summary tab with tables that automatically analyse the inputted responses, showing the number of questions completed, how many controls have been fully implemented, and implementation progress for each control category.
The tool is designed to work in any Microsoft environment; it does not need to be installed like software, and does not depend on complex databases. It is reliant on human involvement.
The tool is not designed for conducting a detailed gap analysis or audit, which require granular compliance assessment. If you require specialist help in this area, please contact us.
For more information, read our FAQ here.