IRCA Certified ISO/IEC 27001 Information Security Management Training Course
IRCA ISO 27001 ISMS (INFORMATION SECURITY) LEAD AUDITOR TRAINING
About ISO/IEC 27001
Internationally recognized ISO/IEC 27001 is an excellent framework which helps organizations manage and protect their information assets so that they remain safe and secure. It helps you to continually review and refine the way you do this, not only for today, but also for the future. That’s how ISO/IEC 27001 protects your business, your reputation and adds value.
The aim of this course is to provide delegates with the knowledge and skills required to perform first, second and third-party audits of information security management systems against ISO/IEC 27001 (with ISO/IEC 27002), in accordance with ISO 19011 and ISO 17021, as applicable. Through practical exercises, participants will develop the abilities (mastering audit techniques) and skills (managing audit teams and the audit programme, communicating with customers, conflict resolution, etc.) necessary to conduct an audit efficiently.
This five-day intensive course enables participants to develop the expertise needed to audit an Information Security Management System (ISMS) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.
- Understand the relationship between ISO 27001, ISO 27000, ISO 27002, ISO 27003, ISO 17021 and ISO 19011
- Understand the purpose of information security management systems, PDCA and the 7 management principles
- Understand the principles and methods of performing process based audits against ISO 27001
- Understand the roles and responsibilities of an auditor and a lead auditor
- Have used ISO 19011 to prepare, perform and lead an audit
- Have evaluated and reported audit findings and addressed effective follow-up activities
WHO SHOULD TAKE THE COURSE?
This course is specially designed for:
- Members/supporting personnel of the Information Security Management Team who have responsibility to audit/implement/improve an information security management system;
- All ISMS auditors who wish to acquire an internationally recognized auditor status
- Any other personnel who wish to advance their career in management systems, irrespective of discipline
Students are expected to have prior knowledge on the following subjects:
- Management systems: Understand the Plan-Do-Check-Act (PDCA) cycle;
- Information security management principles and concepts: awareness of the need for information security; the assignment of responsibility for information security; incorporating management commitment and the interests of stakeholders; enhancing societal values; using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk; incorporating security as an essential element of information networks and systems; the active prevention and detection of information security incidents; ensuring a comprehensive approach to information security management; continual reassessment of information security and making modifications as appropriate
- Knowledge on ISO/IEC 27001 requirements (and ISO/IEC 27002) may be gained by completing a CQI IRCA certified ISMS Foundation Training course or equivalent.
Why choose BDTASK CORPORATE training?
- Expert trainers – All of our trainers have a wealth of experience and expertise in their field and are eager to pass this onto you in an effective way that you can take away and utilise.
- Quality assured – Our trainers are assessed by delegates both annually and after each course. 99% of attendees scored overall trainer delivery, skills and knowledge as good or very good.
- Interactive learning – We see the importance of practical and hands on learning so we have built this into all of our courses to further deepen your knowledge and engagement.
- Small class sizes – Our courses all have a maximum of 12 delegates to ensure you are getting the best learning experience possible.
- A learning journey – We offer a step-by-step training journey to help you improve over time. From introduction courses all the way up to our lead auditor training. We are always developing new training to keep up with the changing world of ISO standards.
Day 1: Introduction to Information Security Management System (ISMS) concepts as required by ISO 27001
- Normative, regulatory and legal framework related to information security
- Fundamental principles of information security
- ISO 27001 certification process
- Information Security Management System (ISMS)
- Detailed presentation of clauses 4 to 8 of ISO 27001
Day 2: Planning and Initiating an ISO 27001 audit
- Fundamental audit concepts and principles
- Audit approach based on evidence and on risk
- Preparation of an ISO 27001 certification audit
- ISMS documentation audit
- Conducting an opening meeting
Day 3: Conducting an ISO 27001 audit
- Communication during the audit
- Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation
- Audit test plans
- Formulation of audit findings
- Documenting nonconformities
Day 4: Concluding and ensuring the follow-up of an ISO 27001 audit
- Audit documentation
- Quality review
- Conducting a closing meeting and conclusion of an ISO 27001 audit
- Evaluation of corrective action plans
- ISO 27001 Surveillance audit
- Internal audit management program
- Hand in homework: Audit report
- Final questions/revision
- Introduction to the exam
- Reflection & feedback
- Duration 40 Hours
- Skill level All levels
- Language English
- Assessments Yes