Finding an auditor
I have been taking a look at your offering, attended yesterday’s Webinar and will attend more and for now it feels like your offering could very much fit our requirements.
We are likely one of those ‘could do it almost by ourselves – but need help with some items’ companies.
Me personally have not rolled 27001 yet but used to work with controls, procedures, policies, etc.
The biggest question mark for me right now is how to find an auditor that could fit in this approach. Do you have any recommendations on that?
Assign topic to the user
From your question is not clear if you are referring to an internal auditor or a certification auditor, so the answer will cover both situations.
The “DIY with expert support” approach does not change the main points you need to consider.
When looking for an auditor to perform an internal audit you should consider:
- the knowledge about your industry
- reputation
- pricing
We are not aware of specific jobs, boards, or professional associations of ISO 27001 internal auditors, so your best approach would be looking for them on professional social networks like LinkedIn, ISO 27001 security group on Google Groups, or organizations which issue certificates for information security professionals like ISC2 or ISACA.
For further information, see:
- Qualifications for an ISO 27001 Internal Auditor https://advisera.com/27001academy/blog/2015/03/30/qualifications-for-an-iso-27001-internal-auditor/
- 5 criteria for choosing an ISO 22301 / ISO 27001 consultant https://advisera.com/27001academy/blog/2013/03/25/5-criteria-for-choosing-a-iso-22301-iso-27001-consultant/
When looking for an auditor to perform a certification audit you need in fact to look for a certification body, and for this, there are several factors you should take into account when selecting a certification body, please read this article:
- How to choose a certification body https://advisera.com/blog/2021/01/11/how-to-choose-an-iso-certification-body/
The main certification bodies for ISO 27001 are:
- BSI: https://www.bsigroup.com
- Bureau Veritas: https://www.dnvgl.com/
- DNV: https://www.dnvgl.com/services?ServiceTypes=136423
- SGS: www.sgs.com/
- TUV: www.tuv.com
You can also find a proper certification body at this link: https://advisera.com/blog/2021/01/11/how-to-choose-an-iso-certification-body/
You can use this link to enter your profile, and we will find the certification body that best fits your needs.
Comment as guest or Sign in
Feb 26, 2021