EN 
ES 
Dear Participants,
Depósito Central de Valores informs you that ISO standard 27001:2022, "Information Security, Cybersecurity and Privacy Protection - Information Security Management Systems - Requirements," published in October 2022, replaces ISO 27001:2013 standard through a three-year transition period ending in October 2025.
DCV, which holds the ISO 27001:2013 standard certification, will undergo a transition audit in 2025 to renew its accreditation according to the ISO 27001:2022 standard.
How is DCV preparing for the transition to ISO 27001:2022?
Stage 1: Adaptation
DCV will execute the activities and/or tasks necessary to adapt its current Information Security Management System (ISMS) to the requirements of ISO 27001:2022. This includes an internal audit and a management review of the new or changed requirements before the transition audit is performed.
Stage 2: GAP analysis
The British Standards Institution (BSI) will then conduct a gap analysis of DCV's ISMS in order to assess its compliance with the requirements of ISO 27001:2022.
If any gaps are found, the DCV teams will take corrective actions to bring the ISMS into compliance with the requirements of ISO 27001:2022.
Stage 3: Transition audit
Finally, once the corrective actions have been completed, BSI will conduct the transition audit to ISO 27001:2022.
Why is it important to transition to ISO/IEC 27001?
- The new version incorporates changes and updates to the security requirements.
- It promotes the continuous improvement of the Information Security Management System (ISMS).
- It addresses new threats and emerging security risks.
- It ensures compliance with current legal and regulatory requirements.
- It demonstrates a commitment to data security and privacy
Should you have any questions, please send us an email to:
Kind regards,
DEPÓSITO CENTRAL DE VALORES S.A.,
DEPÓSITO DE VALORES
