Couple of generic TickIT and ISO 27000 questions

Hershal

Hershal

Metrologist-Auditor
Trusted Information Resource
I am doing some background research for the organization I work for, and have two basic questions.

Is there a personnel certification available for professionals working in the ISO/IEC 27000-series standards?

How might the standards interface (if at all) with TickIT certification?
 
Colin

Colin

Quite Involved in Discussions
IRCA offer a certification scheme for 27001 auditors - click here for the link.

I am not too familiar with TickIT but there is an obvious link for the electronic data side of things. However, ISO 27001 is about more than just electronic security, it also impacts upon paper and physical security too.
 
A

AndyN

Moved On
Hershal said:
I am doing some background research for the organization I work for, and have two basic questions.

Is there a personnel certification available for professionals working in the ISO/IEC 27000-series standards?

How might the standards interface (if at all) with TickIT certification?
Click to expand...

Colin is correct, there are ISO 27001 certifications available.

The TickIT scheme is primarily for the interpretation, implementation and auditing of organizations who produce/support actual computer software - which was necessary when the ISO 9001 standard was so 'manufacturing' oriented in the past (pre-2000). So, in most aspects, it has little to do with information security, but that is a component. As Colin says, ISMS is (much) more than IT security...
 
Richard Regalado

Richard Regalado

Trusted Information Resource
Hershal said:
I am doing some background research for the organization I work for, and have two basic questions.

Is there a personnel certification available for professionals working in the ISO/IEC 27000-series standards?

How might the standards interface (if at all) with TickIT certification?
Click to expand...

Most CB's offer 2 basic personnel certification, lead implementer and lead auditor.

TickIT deals primarily with software so it interfaces well with Section A.12 Information Systems Acquisition and Development of ISO/IEC 27001.
 
Hershal

Hershal

Metrologist-Auditor
Trusted Information Resource
AndyN said:
Certification Bodies offer personnel certification? Really? Are they QMS CBs or another kind of CB?
Click to expand...

Certification Bodies that are recognized under the IAF MLA can offer personnel certification under ISO/IEC 17024.
 
A

AndyN

Moved On
Hershal said:
Certification Bodies that are recognized under the IAF MLA can offer personnel certification under ISO/IEC 17024.
Click to expand...

Yeah, I'm aware of that - I co-wrote an ISO/IEC 17024 Lead Auditor course for ANSI...but in the world of ISO Certification, rarely do CBs offer personnel certification (and not 'most' as was posted) - even the company I work for in the UK (parent) they have another division which does that.
 
Richard Regalado

Richard Regalado

Trusted Information Resource
AndyN said:
Yeah, I'm aware of that - I co-wrote an ISO/IEC 17024 Lead Auditor course for ANSI...but in the world of ISO Certification, rarely do CBs offer personnel certification (and not 'most' as was posted) - even the company I work for in the UK (parent) they have another division which does that.
Click to expand...

Apologies. I was referring to a different certification and totally miss the point of the TS. :)
 
You must log in or register to reply here.
Top Bottom