Expert Advice Community

Guest

Certifying organizations

  Quote
Guest
Guest user Created:   Jan 28, 2019 Last commented:   Jan 28, 2019

Certifying organizations

Hi, we are an Information Security Consulting and Auditing Company. We are well established in the information security space and have been doing PCI DSS audits for about 9 years. We have a client who would like us to certify them for ISO 27001. We have an auditor in the team, who is certified as a ISO 27001 Lead Implementer. What will it require for us to become a company who can perform a ISO 27001 Auditor?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jan 28, 2019

Answer:

To certify an organization your company has to be accredited by an accreditation body (e.g., UKAS for UK, or ANAB for USA), and for this purpose your organization has to be certified by an accreditation body against ISO/IEC 17065. You can have an overview of this standard here: https://www.iso.org/obp/ui/#iso:std:iso-iec:17065:ed-1:v1:en

This article will provide you further explanation about accreditation and certification:
- Accreditation vs. certification vs. registration in the ISO world https://advisera.com/articles/accreditation-vs-certification-vs-registration-in-the-iso-world/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 28, 2019

Jan 28, 2019

Suggested Topics