Certification requirements
Somos usuarios del paquete de documentos para la certificación 27001 y además usuario de los videos de entrenamiento en ciberseguridad, etc.
Quisiera saber si el proceso de certificación 27001 la empresa auditora exige, y por tanto es mandatorio, que exista un Líder de implementación certificado al iniciar el proceso de certificación.
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
We are users of the 27001 certification document package and also user of the cybersecurity training videos, etc.
I would like to know if the 27001 certification process performed by the audit firm requires, and therefore is mandatory, that there is a certified Implementation Leader at the beginning of the certification process.
ISO 27001 does not require an Implementation Leader for the implementation of its requirements, so certification bodies will not verify this item during the certification audit.
These articles will provide you further explanation about the certification process:
- Becoming ISO 27001 certified – How to prepare for certification audit https://advisera.com/27001academy/iso-27001-certification/
- Which questions will the ISO 27001 certification auditor ask? https://advisera.com/27001academy/blog/2015/07/20/which-questions-will-the-iso-27001-certification-auditor-ask/
This material will provide you further explanation about the certification process:
- ISO 27001/ISO 22301: The certification process [free webinar on demand] https://advisera.com/27001academy/webinar/iso-27001iso-22301-certification-process-free-webinar-demand/
Thanks very much for your response.
In the same order of things, we are preparing our internal auditor to do the internal audit. He has done some internal audits in other companies before so he has some experience.
The question is: Is it necessary for him to be certified as Internal Auditor?
Acceptable evidence of competence for ISO 27001 are based on experience, training or education.
Considering that, an internal audit certification is not required if you can provide other evidences, like statements of previous employers about internal audits performed by this person, or it is visible from the CV that the person has experience both in ISO 27001 and auditing.
This article will provide you further explanation about internal auditor:
- Qualifications for an ISO 27001 Internal Auditor https://advisera.com/27001academy/blog/2015/03/30/qualifications-for-an-iso-27001-internal-auditor/
This material will provide you further explanation about internal auditor:
- ISO 27001:2013 Internal Auditor Course https://advisera.com/training/iso-27001-internal-auditor-course/
Comment as guest or Sign in
Mar 10, 2020