
The PECB Certified ISO/IEC 27001 Implementer certifications are professional certifications for specialists who need to implement an Information Security Management System (ISMS) and, in the case of the PECB Certified ISO/IEC 27001 Lead Implementer certification, to manage an implementation project.

PECB Certified ISO/IEC 27001:2013, Information technology — Security techniques — Information security management systems — Requirements, specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in PECB Certified ISO/IEC 27001:2013 are generic and are intended to be applicable to all organizations, regardless of type, size or nature.

Various professions may apply for this certification:

  • Compliance project managers
  • Information Security consultants
  • Internal and external PECB Certified ISO/IEC 27001 auditors
  • Members of an Information Security team

The requirements for "Implementer" certifications are:

 

| Credential | Exam | Professional experience | ISMS project experience | Other requirements |
|---|---|---|---|---|
| ISO/IEC 27001 Provisional Implementer | PECB Certified ISO/IEC 27001 Lead Implementer Exam or equivalent | None | None | Signing the PECB code of ethics |
| ISO/IEC 27001 Implementer | PECB Certified ISO/IEC 27001 Lead Implementer Exam or equivalent | Two years: One year of information security work experience | Project activities totalling 200 hours | Signing the PECB code of ethics |
| ISO/IEC 27001 Lead Implementer | PECB Certified ISO/IEC 27001 Lead Implementer Exam or equivalent | Five years: Two years of information security work experience | Project activities totaling 300 hours | Signing the PECB code of ethics |

If an applicant doesn't have all requirements to apply for the credentials of PECB Certified ISO/IEC 27001 Lead Implementer, he/she may apply for the credentials of PECB Certified ISO/IEC 27001 Implementer or PECB Certified ISO/IEC 27001 Provisional Implementer.

For certification purposes, the following implementation types constitute valid implementation experience:

  1. Internal implementation
  2. External/consulting implementation
  3. Partial implementation

To be considered valid, these implementation activities should follow best implementation practices and include most of the following activities:

  1. Drafting an ISMS implementation business case
  2. Managing an ISMS implementation project
  3. Implementing information security controls
  4. Managing information security controls
  5. Implementing metrics
  6. Implementing corrective or preventive action
  7. Performing a management review
  8. Performing a risk assessment
  9. Managing incidents
  10. Managing an information security team
