PECB Processes

How can my company get Certified?

246 views 2016-01-31 2017-06-09 PECB Digital Manager 3

Understanding the Certification Process

ISO/IEC 27001 certification (also known as “registration”) is granted by a third party, such as PECB, upon verifying through an audit that the organization is in compliance with the requirements of the ISO/IEC 27001 standard. This certification is then maintained through scheduled annual surveillance audits by the registrar, with re-certification of the Information Security performed on a triannual basis.

  • Step 1. Pre-Audit (Optional) – It must be done at least 3 months before the Certification Audit
  • Step 2. Audit Plan – The plan for the audit has to be mutually agreed
  • Step 3. Audit Stage 1 & 2 – Non-conformities must be closed at least 3 months after audit conclusions
  • Step 4. Initial Certification – The certificate will be issued within 2 weeks after successful audit closing

Once certification has been obtained, the organization will be subjected to two surveillance audits within 24 months from the initial certification:

  • 1st Surveillance Audit – No longer than 12 months from the initial certification audit
  • 2nd Surveillance Audit – No longer than 12 months from the 1st surveillance audit

For more, please see the document below, Understanding the Certification Process, or visit www.pecb.com/management-systems.

If your company is interested in obtaining the ISO/IEC 27001 certification, Apply here.

 
