Hi, this is my first question here!
Where exactly is it defined that ISO 27001 has a 3-year certificate to include Stage 1 & 2 audits along with annual Surveillance Reviews until its expiration? I'm still trying to wrap my head around Certification Bodies. Thank you.
Expert
Rhand Leal
Jun 28, 2022
This three-year cycle period was a recommendation from the International Accreditation Forum (IAF) for certification bodies to be compliant with ISO 17021, the ISO standard which defines requirements for certification bodies.
IAF sets common requirements for organizations acting as certification bodies.
Jun 27, 2022