ISO 27001 FAQs

With the assistance of our ISO trainers, we have compiled answers to the most common questions we get asked about the ISO 27001 Lead Implementer & Lead Auditor courses. Read more…

When is the new 27001 standard coming out?

ISO27001:2022 has now been released. ISO 27001:2013 still applies. Organisations will continue to get certified to the 2013 version for the time being. Certification bodies will have a transition period lastly approx. 3 years.

If I’ve got the current version – will I be out of date/how do I upgrade?

An individual’s certification will roll forward forever as long as they continue to complete their professional development hours and report them to PECB each year. Naturally, professionals will obtain a copy of all revised standards and acquaint themselves.

What counts as work experience to apply for the 3 certification levels post course & exam?

Lead Auditor: 5 years professional – 2 years security management and audit, 300 hours audit.
Work experience would include any security and IT management activities and any assurance and auditing, including any specific ISO 27001 internal audit activities

So once I’m Auditor certified – does that mean I can now start to Audit businesses?

No. A lead auditor who aims to certify an organisation with an ISMS must work for an accredited “Certification Body”. The Certification Body must apply ISO 17021 to the certification process and thereby apply ISO 19011/27006 in ISMS certification audits.
Once Lead Auditor certified, the individual would be qualified to perform ISO27001 Internal Audits.

So once I’m Implementer certified – what does the implementer cert. allow me to do?

Our training provides 2 things:

– Knowledge of ISO 27001 requirements to aid your implementation project.

– Preparation for the certification exam

These certifications provide assurance to stakeholders (clients or bosses) that you know the content and approach to implement ISO 27001.
Once Lead Implementer certified, the individual would be qualified to guide organisations through implementation, operation and continual improvement of an ISMS.