When seeking certification to ISO 27001, you should always avoid non-accredited certification bodies.
Non-accredited certification bodies (and those that falsely claim to be accredited) may not be subject to regular performance, quality and competence monitoring by a national accreditation body such as ANAB (ANSI-ASQ National Accreditation Board).
Plus, they usually don’t operate in line with the international standards that set out requirements for certification bodies (e.g. ISO/IEC 17021).
For peace of mind, organisations should look to ANAB.
ANAB assesses and accredits certification bodies that audit and certify organisations conforming to management system standards across many industries – from information security and telecommunications to aerospace and food safety.
List of ISO 27001 accredited certification bodies in the USA
These are all ANAB-accredited certification bodies for ISO 27001:
- 360 Advanced Compass Rose
- ABS Quality Evaluations
- A-LIGN
- Aprio
- BARR Certifications
- BSI
- CIRQ
- Coalfire Certification
- Consilium Labs
- ControlCase Assessments
- DEKRA
- DQS
- Frank, Rimerman Information Security
- ISOQAR
- Kompleye
- LBMC
- Marcum
- Moss Adams Certifications
- NQA
- NSAI
- NSF
- Orion Registrar
- PRI Registrar
- QSR
- Schellman
- Securisea CB
- Sensiba
- SGS
- Smith + Howard
- SRI Quality System Registrar
- TÜV Rheinland
- TÜV SÜD
As this list is subject to change, we recommend using ANAB’s directory to confirm whether a certification body has a valid ANAB accreditation certificate.
How to choose a certification body
Your main concern when choosing a certification body will probably be the fee, but you should also consider a few other things.
For a start, make sure the certification body is accredited and has a good reputation within your industry.
Remember some certification bodies specialise within certain sectors. That means the auditors might have plenty of experience in, say, the retail sector, but aren’t aware of the specifics of your business.
As a result, you’ll lose time explaining the ins and outs of your organisation – an issue you won’t face if you select an auditor well-versed in your industry’s practices.
That’s not to say that the most expensive option is always the best, or that the least expensive is the worst. You’re looking for the knowledge and experience that’s right for your organisation.
Looking to reach ISO 27001 certification readiness in just six months?
Get all the consultancy support you need to implement an ISO 27001-compliant ISMS (information security management system) quickly and cost-effectively.
Our turnkey ISO 27001 FastTrack
package provides the resources and expertise your organisation needs to prepare for and achieve accredited certification to ISO 27001:2022 for a fixed fee.
Here’s what one of our customers said about it:
“Our consultant was always on hand to answer queries and really cared about the end result. He put in an enormous amount of solid effort, so huge thanks to him and the rest of your support team.”
The post List of US Accredited Certification Bodies for ISO 27001 appeared first on IT Governance Blog.
