nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Why do some people get ISO certifications while others get vendor/vendor neutral cert

JohnGrub

Hello,
I'm asking this question because I'm studying for ITIL V3 Foundation. Hence I came accross words like ISO 200000. After a little bit o google, I noticed some people get certified in ISO. For instance ISO 27001, ISO 27002, ISO 27005 etc....
When talking about certification, I mostly know companies (vendors), like Microsfot certs, Comptia, SANS, Cisco, PMI, etc...
That's why I was wondering if getting individual ISO certification is not more valuable than vendor certifications ? Or should I say, career wise, skills wise, money wise, and anything else wise, why some people go for ISO and others go for vendor certifications ? (Obviously I know some mix both I'm not talking about them though...)

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

paul78

An ISO certification is not a professional certification. These are certifications that an organization obtains by submitting themselves through an audit which certifies that the organization complies with the requirements of a particular ISO standard.

An individual does not become ISO certified. However, an individual can become an ISO auditor who is qualified to audit an organization for ISO compliance.

JohnGrub

Oh okay then. So from what you said, training like https://www.google.com/search?q=iso+certificaion+training&rlz=1C1CHBD_frCI755CI755&oq=iso+certificaion+training&aqs=chrome..69i57j0l5.11179j0j4&sourceid=chrome&ie=UTF-8
are mainly to train auditors then. Thank you for your clarification Paul78

Ashenwelt

It gets weirder when you think of the ANSI/ISO accredited certification programs...

https://www.ansi.org/Accreditation/credentialing/personnel-certification/AllDirectoryDetails?&prgID=201&OrgId=2162&statusID=4
https://www.ansi.org/Accreditation/credentialing/personnel-certification/AllDirectoryDetails?&prgID=201&OrgId=97&statusID=4
https://www.ansi.org/Accreditation/credentialing/personnel-certification/AllDirectoryDetails?&prgID=201&OrgId=96&statusID=4

FluffyBunny

JohnGrub wrote: »

Oh okay then. So from what you said, training like https://www.google.com/search?q=iso+certificaion+training&rlz=1C1CHBD_frCI755CI755&oq=iso+certificaion+training&aqs=chrome..69i57j0l5.11179j0j4&sourceid=chrome&ie=UTF-8
are mainly to train auditors then.

That's one side of it. The other side would be for people to learn what the certification entails and requires, so they can help their company/employer achieve the goal of certification.

triplea

Theres also iso27001 lead implementor!

Hopefully in my new position the companies paying for this soon.

Deffo worth adding to my CV should I ever move on but more importantly will make me more confident as an infosec officer

Might be worth looking at that one too.