ISO 27000 and ISO 20000 - which to go first for?
Which certification to go for first between ISO 27000 and ISO 20000 as an IT Risk and Compliance professional?
Assign topic to the user
I’m assuming you are referring to personal certifications
Considering that, the order on which to pursue these certifications will depend on your needs:
- if your priority is to ensure the quality of IT services, then you should go first for ISO 20000 certifications.
- if your priority is information protection, then you should go first for ISO 27001 certifications.
Since you mentioned IT risk and compliance, the specific field of certification for you would be audit:
- ISO 27001 Lead Auditor – this certification recognizes people who have competency in auditing an ISMS against ISO 27001 requirements and want to become certification auditor (and with this provides more confidence to an organization for being certified).
- ISO 20000 Lead Auditor – this certification recognizes people who have competency in auditing an ITSM against ISO 20000 requirements and want to become certification auditor (and with this provides more confidence to an organization for being certified).
These articles will provide you a further explanation about ISO 27001 and ISO 20000 personal audit certifications:
- What does ISO 27001 Lead Auditor training look like? https://advisera.com/27001academy/blog/2016/08/29/what-does-iso-27001-lead-auditor-training-look-like/
- Process to obtain ISO/IEC 20000 certification: Companies and individuals https://advisera.com/20000academy/knowledgebase/iso-20000-certification-the-process-of-obtaining-a-certifica/
For the ISO 27001 Lead Auditor Course, please see:
- ISO 27001:2013 Lead Auditor Course https://advisera.com/training/iso-27001-lead-auditor-course/
Comment as guest or Sign in
Mar 11, 2021