Standard review and recertification cycle
Assign topic to the user
Answer: The review of an ISO standard generally starts 5 years after its release, and this process takes up to 3 years to release a new version. Of course if an industry or community presents a justifiable request this time between reviews may change, but the duration of the review process remains within the 3 years time frame.
2 - Can you advise me how re-certification is achieved?
Answer: For the certification body, the re-certification process is the same as the certification one, the certification auditor will go through all the certification scope during the audit, to verify if all requirements of the standard, as well as the requirements defined by the organization, are in place and working as expected.
For the organization, when the recertification involves the release of a new version of the standard, the re-certification process starts with a gap analysis between the old and the new versions of the standard, so you can identify what has changed and which actions should be done to comply with the new requirements.
After the new requirements are implemented, you have to ensure they are properly operated, controlled and that they achieve the expected results, through internal audit and management review, so you can have the necessary evidences that the new requirements are all properly implemented, and that identified problems are handled through corrective actions.
These articles will provide you further explanation about certification process:
- Surveillance visits vs. certification audits https://advisera.com/27001academy/knowledgebase/surveillance-visits-vs-certification-audits/
- Becoming ISO 27001 certified – How to prepare for certification audit https://advisera.com/27001academy/iso-27001-certification/
Comment as guest or Sign in
May 25, 2017