Article Directory
Welcome to the TRECCERT article directory, where we feature news and insights on information security, data protection, business continuity, risk management and more. The information provided is based on research and acts as a valuable platform for ICT professionals to keep up with current developments, trends and more. To stay up to date and informed, check out the latest articles below.
Finding a Certificate of High Quality to Enhance Your Career
ISO is an independent organization that brings together experts from different fields to develop standards that support innovation and provide solutions to global challenges. The purpose of ISO standards is to set globally accepted requirements and guidelines. These standards aim to support organizations worldwide to ensure that their materials, products, processes and services are suitable for the market in which they operate and enable customers to place more trust in them.
ISO is an independent organization that brings together experts from different fields to develop standards that support innovation and provide solutions to global challenges. The purpose of ISO standards is to set globally accepted requirements and guidelines. These standards aim to support organizations worldwide to ensure that their materials, products, processes and services are suitable for the market in which they operate and enable customers to place more trust in them.
One category of standards that ISO publishes is management system standards. These standards contain requirements, guidelines and recommendations for organizations of all types on how to organize and manage their internal processes and continuously improve them. Some of the more popular ISO management system standards include:
Information Security Management System -ISO/IEC 27001 | Compliance Management System - ISO 37301 | Business Continuity Management System - ISO 22301 | IT Service Management System - ISO/IEC 20000-1 | Quality Management System - ISO/IEC 9001 |
This standard specifies requirements for establishing, developing, implementing, evaluating, maintaining and improving an effective Information Security Management System. | This standard specifies requirements for establishing, developing, implementing, evaluating, maintaining and improving an effective Compliance Management System. | This standard specifies requirements for establishing, developing, implementing, evaluating, maintaining and improving an effective Business Continuity Management System. | This standard specifies requirements for establishing, developing, implementing, evaluating, maintaining and improving an effective IT Service Management System. | This standard specifies requirements for establishing, developing, implementing, evaluating, maintaining and improving an effective Quality Management System |
In recent years, the demand for ISO management standard certifications has been growing at an increasing rate. In the span of five years, the number of ISO/IEC 27001 certifications increased by 78%, ISO 22301 certifications by 135%, and ISO/IEC 20000-1 certifications by 144%.[1] Even ISO 9001, the most popular management system standard, has experienced a 3.1% yearly growth in the number of certifications.
In order to be able to implement, maintain and audit these management systems or increase the likelihood of employment, an increasingly high number of professionals is also seeking personnel certification for these standards. In response to the high demand, numerous certification bodies across the world have started offering certification services. However, all certificates are not equally valuable and will not provide you with the same benefits and quality standards. In order for you to make the best choice when it comes to choosing the right certification body for you, please consider the following tips.
Tip #1: Search for Accreditation Statement
ISO/IEC 17024:2012 is a standard that sets the requirements for personnel certification bodies and is used as a criteria document for accreditation. Accreditation is a third-party attestation related to a conformity assessment body conveying a formal demonstration of its competence to carry out specific conformity assessment tasks[2]. Many countries have their own national accreditation bodies and most of them are part of the International Accreditation Forum (IAF). Accreditation bodies assess the conformity of certification bodies with applicable requirements and ensure that they are capable of providing their services appropriately. Accreditation, which leads to a high level of quality, is a long, complex and expensive process. Considering its importance, certification bodies will share and highlight their accreditation on the issued certificate, website, social media and other communications. You can find TRECCERT’s accreditation statement here.
It is important to also note that, while most national accreditation bodies are members of the IAF, they do not necessarily have the same processes in place or the same requirements. TRECCERT has intentionally chosen the American National Standards Institute (ANSI) – National Accreditation Board (ANAB) as the most prestigious and rigorous accreditation body in order to highlight our uncompromised commitment to the highest global standards.
Tip #2: Check Certification Requirements
If a certification body only requires you to take the exam in order to get “certified”, it might be that the certification scheme does not have a high market value. That is because certificate holders only demonstrate that they are able to pass an exam, not that they have actual work experience and are able to perform the required tasks of the occupation.
Alternatively, high-quality accredited certification bodies typically also provide options and include requirements for recertification. If continuing professional education (CPE) is not a requirement for recertification, that could also be a sign of a low-quality certificate. Requiring CPE from certificate holders is a method for ensuring that they remain competent and is a criteria of quality certification.
Tip #3: Search for Accreditation Bodies’ List of Accredited Certifications
It is important to understand that certification bodies often do not include all of their certification schemes in their accreditation scope. While it is a market acceptable practice, certification bodies sometimes make it difficult to understand which of their certification schemes are accredited. In order to make sure that the certification scheme that you are interested in is accredited, and the Certification Body has only vague information, your best option is to visit the website of the accreditation body or contact them. Here you can find an example how ANAB lists the personnel certification bodies and their accredited certification schemes.
Tip #4: Find the Certification Behind the Training
In the ISO Personal Certification industry certifications are often available as an addition to training as a must. Often the marketing of the trainings focuses on content, delivery and branding of the training provider. However, for a personal ISO certification, the training is not a prerequisite according to 17024:2012. Therefore, when deciding for a training, which is bundled with an exam and certification, also the quality of the certification should be evaluated.
TRECCERT Exams do not have the precondition of booking and paying for training. Also, TRECCERT provides certifications that attest the competencies of professionals. TRECCERT is an accredited personnel certification body for the ISO/IEC 27001 Lead Implementer and ISO/IEC 27001 Lead Auditor Certification schemes.
[1]https://isotc.iso.org/livelink/livelink?func=ll&objId=18808772&objAction=browse&viewType=1
[2] ISO/IEC 17000:2020 Conformity assessment — Vocabulary and general principles