Becoming accredited ISO 27001 auditor or implementer

Guest user Created:   Apr 16, 2021 Last commented:   Apr 20, 2021

How does one become an accredited ISO 27001 auditor or implementer to be able to give the certification to other businesses?

Expert
Rhand Leal Apr 16, 2021

First, it is important to note that an ISO 27001 auditor or implementer is not accredited, but certified.

Additionally, certifications can be issued only by certification bodies, not persons, and to work for them you need to be a certified auditor.

Considering that, to start your journey to become an information security auditor you should attend an ISO 27001 Lead Auditor Course, so you can understand the concepts of the ISO 27001 management system and the processes and techniques involved in an audit.

After attending the course and being approved in the exam, if you want to work as a certification auditor, you need to accumulate audit hours working for a certification body, first as an observer, and after that as an audit team member, so you can gain understanding and experience in practical audits. After sufficient auditing hours for a certification body, and good evaluations from your team leader, you can achieve the status of certification auditor and after that certification for lead auditor.

Here is the ISO 27001 Lead Auditor course from Advisera: https://advisera.com/training/iso-27001-lead-auditor-course/

This article will provide you a further explanation about becoming a lead auditor:

To become an ISO 27001 implementer, you do not need to be certified, but an ISO 27001 implementer certification can be a competitive differential. To become an information security implementer, you should attend an ISO 27001 Lead Implementer Course, so you can understand the concepts of the ISO 27001 management system and the processes and techniques involved in implementation. After attending the course you need to take an exam and be approved.

These articles will provide you a further explanation about ISO 27001 implementer:

Guest
Guest user Apr 19, 2021

Thank you for your response.
As per your answer, only an accredited body can give the ISO 27001 to a business.
My question is how does a company become an accredited body?

Expert
Rhand Leal Apr 20, 2021

Please note that organizations that issue certifications are certification bodies. An accreditation body is another type of organization, the organization which authorizes organizations to act as certification bodies.

Considering that, to certify an organization your company has to be accredited by an accreditation body (e.g., UKAS for the UK, or ANAB for the USA), and for this purpose, your organization has to be certified by an accreditation body against ISO/IEC 17065. You can have an overview of this standard here: https://www.iso.org/obp/ui/#iso:std:iso-iec:17065:ed-1:v1:en

This article will provide you a further explanation about accreditation and certification:
