CRISC or ISO 27001 certifications
Assign topic to the user
Answer: First of all, I'm assuming that by ISO 27001 you are referring to the ISO 27001 Lead Auditor certification, so my answer will be based on this ISO 27001 certification.
CRISC (Certified in Risk and Information Systems Control) should be considered if you want to evaluate how IT risks are managed and controlled in an organization.
ISO 27001 Lead Auditor certification should be considered if you want to evaluate how the information security is managed and improved in an organization.
In fact, these certifications have different purposes, but are complementary in nature, because a great deal of information security today depends on how IT risks are managed and controlled (and CRISC covers this part), and since information exists not only in IT systems, the understanding of ISO 27001 concepts and requirements can help an auditor better understand and identify problems and opportunities for improvement in overall information securi ty.
These articles will provide you further explanation about ISO 27001 and ISO 27001 Lead Auditor:
- The basic logic of ISO 27001: How does information security work? https://advisera.com/27001academy/knowledgebase/the-basic-logic-of-iso-27001-how-does-information-security-work/
- How to become ISO 27001 Lead Auditor https://advisera.com/27001academy/knowledgebase/how-to-become-iso-27001-lead-auditor/
- What does ISO 27001 Lead Auditor training look like? https://advisera.com/27001academy/blog/2016/08/29/what-does-iso-27001-lead-auditor-training-look-like/
These materials will also help you regarding ISO 27001 and ISO 27001 Lead Auditor:
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
- ISO 27001 Lead Auditor Course preparation training [free webinar on demand] https://advisera.com/training/iso-27001-lead-auditor-course/
Comment as guest or Sign in
Dec 14, 2017