ISO 27001 and DORA EU
I am a compliance specialist in payment services, and in light of upcoming DORA EU legislation I thought I might get an ISO certification. Am I correct that I need 27001? What type of certification do I need?
I’m assuming that by DORA you mean the Digital Operational Resilience Act.
Considering that, DORA’s purpose is to strengthen the financial sector’s resilience to ICT-related incidents, and although not mandatory for DORA, ISO 27001 can provide a robust baseline to support compliance with this objective.
Regarding personal certifications, you can consider:
- ISO 27001 Lead Implementer – this certification recognizes people who have competency in the ISO 27001 implementation process.
- ISO 27001 Lead Auditor – this certification recognizes people who have competency in auditing an ISMS against ISO 27001 requirements and want to become certification auditors (and with this provides more confidence to an organization for being certified).
These articles will provide you with a further explanation of ISO 27001 personnel certifications:
- What does ISO 27001 Lead Implementer training look like? https://advisera.com/27001academy/blog/2016/11/28/what-does-iso-27001-lead-implementer-training-look-like/
- What does ISO 27001 Lead Auditor training look like? https://advisera.com/27001academy/blog/2016/08/29/what-does-iso-27001-lead-auditor-training-look-like/
- Lead Auditor Course vs. Lead Implementer Course – Which one to go for? https://advisera.com/27001academy/blog/2014/06/16/lead-auditor-course-vs-lead-implementer-course-which-one-to-go-for/
For courses related to these certifications, please see:
- ISO 27001:2013 Lead Auditor Course https://advisera.com/training/iso-27001-lead-auditor-course/
- ISO 27001:2013 Lead Implementer Course https://advisera.com/training/iso-27001-lead-implementer-course/
Oct 18, 2022