I am working with companies as a consultant and helping them prepare policies they require for ISO27001 and ISAE3402 (also SOC1 and SOC2). I have also managed the audit process for my own business.
My question is what can I do if I get certified that I can't do now? Secondly, do I have to get certified for all 4 - ISAE3402/ISO27001/SOC1/SOC2 or can I do one overarching certification that will apply to all? Also what are the global bodies that accredit ISO certifications and does that apply to Advisera?
Thanks for your help.
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
1 - I am working with companies as a consultant and helping them prepare policies they require for ISO27001 and ISAE3402 (also SOC1 and SOC2). I have also managed the audit process for my own business. My question is what can I do if I get certified that I can't do now?
Answer: ISAE3402 is out of our fields of expertise to provide a proper answer, but regarding ISO 27001, if you are a certified ISO 27001 Lead Auditor, you can work for certification bodies as a certification auditor.
Another available ISO 27001 certifications are ISO 27001 lead auditor and ISO 27001 lead implementer, but they are not required for performing internal audit, or ISO 27001 implementation, respectively, but they can improve your chances to get related jobs.
For further information, see:
- ISO 27001 Internal Auditor training – Is it good for my career? https://advisera.com/27001academy/blog/2016/03/29/iso-27001-internal-auditor-training-is-it-good-for-my-career/
- What does ISO 27001 Lead Implementer training look like? https://advisera.com/27001academy/blog/2016/11/28/what-does-iso-27001-lead-implementer-training-look-like/
- What does ISO 27001 Lead Auditor training look like? https://advisera.com/27001academy/blog/2016/08/29/what-does-iso-27001-lead-auditor-training-look-like/
About courses related to these certifications, see:
If your intent is to apply for ISO 27001 information security-related jobs, you should consider these courses:
- ISO 27001:2013 Internal Auditor Course https://advisera.com/training/iso-27001-internal-auditor-course/
- ISO 27001 Lead Auditor Course https://advisera.com/training/iso-27001-lead-auditor-course/
- ISO 27001:2013 Lead Implementer Course https://advisera.com/training/iso-27001-lead-implementer-course/
2 - Secondly, do I have to get certified for all 4 - ISAE3402/ISO27001/SOC1/SOC2 or can I do one overarching certification that will apply to all?
Answer: We are unaware of single certifications that cover all these standards, so you should contact ISO accredited training providers, or the organizations responsible for ISAE 3402 and SOC1/SOC2 frameworks, the ask for such information.
3 - Also what are the global bodies that accredit ISO certifications and does that apply to Advisera? Thanks for your help.
Answer: Considering ISO 27001 personal certification, the most recognized accreditation bodies for training providers are IRCA, PECB, and Exemplar Global (formerly RABQSA).
Advisera is accredited by Exemplar Global for 27001, 9001, and 14001 Foundations, Internal audit and Lead audit courses.
Comment as guest or Sign in
Dec 20, 2020