
The PECB Certified ISO/IEC 27001 Auditor certifications are credentials for professionals who need to audit an Information Security Management System (ISMS) and, in the case of the PECB Certified ISO/IEC 27001 Lead Auditor certification, to manage a team of auditors.

The principal competencies and skills needed by the market are the ability to proficiently plan and perform audits compliant with the certification process of the PECB Certified ISO/IEC 27001:2013 standard, to master audit techniques, and to manage (or be part of) audit teams and an audit program.

Professionals in various roles may apply for this certification:

  • Auditors wanting to perform and lead Information Security Management System (ISMS) audits as the person responsible for an audit team
  • Project managers or consultants wanting to master the Information Security Management System audit process
  • Persons responsible for information security or conformity in an organization
  • Members of the information security team
  • Expert advisors in information technology
  • Technical experts wanting to prepare for an information security audit function

The requirements for "Auditor" certifications are:

 

| Credential | Exam | Professional experience | MS audit/assessment experience | Other requirements |
|---|---|---|---|---|
| ISO/IEC 27001 Provisional Auditor | PECB Certified ISO/IEC 27001 Lead Auditor Exam or equivalent | None | None | Signing the PECB code of ethics |
| ISO/IEC 27001 Auditor | PECB Certified ISO/IEC 27001 Lead Auditor Exam or equivalent | Two years: One year of information security work experience | Audit activities totaling 200 hours | Signing the PECB code of ethics |
| ISO/IEC 27001 Lead Auditor | PECB Certified ISO/IEC 27001 Lead Auditor Exam or equivalent | Five years: Two years of information security work experience | Audit activities totaling 300 hours | Signing the PECB code of ethics |

If an applicant does not meet all the requirements to apply for the PECB Certified ISO/IEC 27001 Lead Auditor credential, he/she may apply for the PECB Certified ISO/IEC 27001 Auditor or PECB Certified ISO/IEC 27001 Provisional Auditor credential.

For certification purposes, the following audit types constitute valid audit experience:

  1. Pre-assessment/pre-audit
  2. Gap analysis
  3. Internal audits
  4. Second party audits
  5. Third/external audits
  6. Opinion audit

To be considered valid, these audits should follow best audit practices and include most of the following activities:

  1. Audit planning
  2. Audit interview
  3. Managing an audit program
  4. Drafting audit reports
  5. Drafting non-conformity reports
  6. Drafting audit working documents
  7. Documentation review
  8. On-site audit
  9. Non-conformity follow-up actions
  10. Leading a team of auditors
