Considering ISO 27001 Certification: Will It Boost My Career in Information Security?

Hi All,

I am planning to go for ISO 27001 certification from BSI. Looking to get more information about prospective industries for job openings and careers as Information Security Personnel in organizations.

Scope of Growth
Industry Maturity
Type of Basic Understanding required for the role
Specific skill sets required for the profile.
& all that you can share...

My Profile:
Master's in Commerce, Pursuing MBA.
Six Sigma Green Belt Certified, Kaizen Certified.
Working for a Fortune 500 Company for the last 2 years.
Part of BCP/DR team, undergone a BCP/DR exercise.
Acting as Information Security Coordinator for a 20-seater process.
Maintaining Asset and Access Register, BIA (Business Impact Analysis), Team hurdles on following guidelines for Information Security.

Please advise, will going for the ISO 27001 add value to my profile and be a good future prospect, as I aim to be part of the ISMS team at the organizational level.

Hi Ravi,

IT/ITES should help. Almost any company using data and maintaining confidentiality on the data require ISO 27001:2005 (called ISMS or Information Security Management Systems). BCP/Six Sigma, Kaizen, Asset Management List - covered everything. The systems and practices adopted by a company will determine. I worked earlier in an ISO Certification Body. Companies go for the entire organization or for specific IT departments for Certification.

You can get an ISMS auditor in ISO organizations or work as an in-house auditor or alternatively work as an external consultant. There's also IRCA - where you can register as an auditor and work for several companies, though it has minimum requirements like being a Lead Auditor and having experience in at least 10 audits per year (check on International Register of Certificated Auditors). Minimum basic hardware and networking should help. Give me time to check and get back to you.