Course FAQ — How to choose the right ISO certification

Many people are looking to become qualified auditors, implementers, and managers in the world of ISO standards. Given there are many courses and exams on the market, what should a potential candidate look for to ensure they receive high-quality training and a globally recognised certification?

Here are some tips from our guest blogger, Graeme Parker, Managing Director of Parker Solutions Group.

Consider the certification body

A certification body is an organisation that can assess management systems, products, and, in some cases, people, against defined standards and attest in writing that certain requirements have been met.

Many management system certification bodies offer ISO training and exams, but this does not mean that these courses lead to professional, internationally recognised certifications for the delegate.  

For this, we need the services of a personnel certification body. But what is that and why is it important?

What is a personnel certification body?

A personnel certification body is an organisation that assesses the competence, experience, knowledge, and skills of individuals, leading to the award of professional, internationally recognised certifications to individuals.

So, if someone wants to be a certified ISO Lead Auditor or Lead Implementer, they need to have a certificate that is awarded by a personnel certification body.

Genuine personnel certification bodies are accredited under the ISO/IEC 17024 standard: ISO/IEC 17024: Conformity assessmentGeneral requirements for bodies operating certification of persons.

This standard requires the bodies to assess individuals in a fair and impartial manner leading to the award of recognised certifications.

Personnel certification bodies should be accredited to this standard by a national accreditation authority recognised by the International Accreditation Forum.

In Information Security, some recognised personal certification bodies accredited under ISO/IEC 17024 include ISC2 (CISSP), ISACA (CISA/CISM), and the Professional Evaluation and Certification Board (PECB) for Lead Auditor, Lead Implementer, and Management training and certification.

Once you have grasped these issues, you should consider the following: Do you need a certificate or a certification?

Certificate vs CertificationWhat’s the difference?

Many training providers state that, upon course or exam completion, delegates receive a certificate. Any organisation can issue a certificate; however, a certificate is not a certification.

A certification is a recognised qualification provided by an independent, fully accredited personnel certification body.

How does this apply to PECB?

PECB are an ISO/IEC 17024 accredited personnel certification body. PECB courses are available via a network of providers, such as Firebrand, who are authorised to offer PECB courses and exams.

For example, when taking a Firebrand PECB course, delegates can:

  • Access official PECB ISO courseware to prepare for the official accredited certification exam;
  • Take the official course and certification at the same location, without extra cost or paperwork;
  • Receive certification from a professional personnel body accredited under ISO 17204 with global recognition and credibility.

Seeking PECB certification is an important career goal that needs to be carefully considered. Here are some questions to help you:

  1. Who is the body that operates the examination for the course? If it is the training provider themselves, this is highly unlikely to lead to a professional certification;
  2. Who marks the examination? If it is the instructor, this clearly shows that the examination and thus any certification awarded is not accredited under ISO/IEC 17024. An instructor marking an examination is clearly not independent and not what would be expected of a professional certification;
  3. Is the certification awarded by an ISO/IEC 17024 accredited personnel certification body? If so, can the provider confirm this? 
  4. Does the provider give official course material to prepare delegates for the exam? For example, PECB providers such as Firebrand will offer official PECB training material to prepare delegates for the exam.

Get ISO-certified with Firebrand

For the past twelve years in a row, we’ve been named one of the Top 20 IT Training Companies in the World. We offer a wide range of ISO certification courses for all levels of experience, such as ISO 27001, ISO/IEC 27002, ISO/IEC 27005, and more. Perhaps one of them is right for you? See all our PECB ISO courses.