Expert Advice Community

Home / ISO 27001 & 22301 / How long should the ISMS be in place before going for the certification audit

Guest

How long should the ISMS be in place before going for the certification audit

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   May 12, 2016 Last commented:   May 12, 2016

How long should the ISMS be in place before going for the certification audit

ISO 27001 & 22301
How long must these ISMS controls be in place before being able to get an audit? IN other words, some of these policies will be new and we are just creating and implementing them as we go through the process of trying to get certified. Do certification boards need to see these policies in place for a specified period of time first?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Expert
Dejan Kosutic May 12, 2016

Answer:

This is different from one certification body to the other - some require you to have ISMS in full operation for at least 3 months, while others do not have such a criteria. The best would be if you ask for proposals from couple of certification bodies, and ask them this specific question.

These articles may also help you:
- How to choose a certification body https://advisera.com/blog/2021/01/11/how-to-choose-an-iso-certification-body/
- Becoming ISO 27001 certified – How to prepare for certification audit https://advisera.com/27001academy/iso-27001-certification/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

May 12, 2016

May 12, 2016

Suggested Topics
LindaK Created:   Sep 08, 2024 ISO 27001 & 22301
Replies: 1
0 0

Template for ISO27001 Audit program
Evelin Created:   Jun 12, 2024 ISO 27001 & 22301
Replies: 3
0 0

How comprehensive and specific should we describe the implementation methods in SoA?
Ash Created:   Jan 21, 2024 ISO 27001 & 22301
Replies: 1
0 1

ISO 27001 Internal Audits