Can a company do an ISO 17799/27001 certification in-house?

Tags:
Information security
Information Security Management System
ISO 17799
ISO 27001
ISO/IEC 27001
Security audits
Security certifications
Can a company do an ISO 17799/27001 certification in-house or does it require a third party to come in and do it? what about after that - are recertifications required or can that be done in house with an internal auditor?
ASKED: November 25, 2008  10:17 PM
UPDATED: June 6, 2011  12:03 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

The certification needs to be done by an external entity, you can however conduct an internal audit just to make sure you are ready to be certified.

Any third-party (independent professional or company) could do the certification and sign the report, but as the certification is something that will add market value to the certified company (in addition to the internal value), it is generally preferred to choose some recognized (accredited) firm to do it.

Once certification is achieved, organizations can expect to undergo periodic monitoring audits and must reapply for certification every three years.

When choosing certification body, ensure it is accedited for providing ISO 27001 certifications by accreditation body reckognised at your market. If you are not sure who is it, you can look for UKAS accredited company as UKAS accreditations are valid world wide.

You can’t get certified against ISO 17799 (now ISO 27002). Only ISO 27001 is designed for certification purpose.

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following