I’ve recently passed the ISO 27K1 foundation exam. I am now planning for the ISO 27K1 lead auditor course and exam, and I have a query regarding it. After I pass the ISO 27K1 lead auditor exam from Advisera, will I be able to audit companies for ISO certification and provide certification? I was also checking the PECB exam, but its criteria seem different from Advisera's. Please advise.
First, it is important to note that certifications can be issued only by certification bodies, not persons, and to work for them you need to be a certified auditor.
Considering that, to start your journey to become an information security certification auditor, you should attend an ISO 27001 Lead Auditor Course, so you can understand the concepts of the ISO 27001 management system and the processes and techniques involved in an audit.
After attending the course and being approved for the exam, if you want to work as a certification auditor, you need to accumulate audit hours working for a certification body, first as an observer, and after that as an audit team member, so you can gain understanding and experience in practical audits. After sufficient auditing hours for a certification body, and good evaluations from your team leader, you can achieve the status of certification auditor and after that certification for lead auditor.
This article will provide you with a further explanation about becoming a lead auditor:
You can also consider doing the ISO 27001 Lead Implementer and ISO 27001 Internal Auditor courses, and provide consulting services for implementing ISO 27001 in organizations and conducting internal ISO 27001 audits.