ISO 27001 Certification Bodies

Organizations are certified worldwide via certification bodies. These certifying organizations are monitored by a higher-level and independent accreditation body. This accreditation body (e.g. UKAS, RvA, DAkkS) grants the ISO 27001 certification bodies permission to carry out certifications. The accreditation body (e.g. UKAS) therefore carries out an audit of the certification bodies every year to protect the standards. All documentation and processes are checked. This is intended to ensure that the auditors and administrative staff of the certification bodies carry out the certification process correctly. Administrative staff review the submitted documents as part of an audit and archive them in accordance with standards.

How to choose an ISO 27001 accredited certification body?​

For companies that want to be certified according to ISO 27001, it is important to choose a certification body that is suitable for them. Depending on what goals you are pursuing with the certification, you have to be selective. Costs and sales priorities, in addition to regulatory requirements, also play a role. In the following video (approx. 11 minutes) we explain how to choose a certification authority and which situations require an alternative certification authority. This gives you an easier understanding of what is important for your company when it comes to certification. Not every certification body with strong domestic brand recognition has a positive marketing impact in certain foreign target markets.

Which ISO 27001 certification bodies are there?

The following certification bodies can certify companies nationally or internationally according to ISO 27001:

Our ISO 27001 Experts are also auditing on behalf of several european certification bodies (ifc global, TÜV Nord, TÜV Süd) according to the  ISO 27001:2013 and ISO 27001:2022 standard.