GR 112 - Information Security Management System ISO IEC 27001:2022 Internal Auditor 3 Days

Description

Today, information is as precious an asset as currency and the key to the growth of any organization. It may take the form of data in transit or data at rest. Securing information means assuring confidentiality, promising availability and protecting the integrity of the information. If sensitive and critical information is compromised, an organization may face various risks such as brand image erosion, business disruption, and financial and productivity loss. You can protect business-critical information from a wide range of threats by establishing an information security management system and obtaining ISO 27001 certification. It will also help you ensure business continuity, minimize business risk, maximize return on investment and increase business opportunities.

Topics

Explain the purpose and business benefits of:

  • Information Security Management Systems (ISMS)
  • ISMS standards
  • Management system audit
  • Third-party certification

Explain the role of an auditor to plan, conduct, report and follow up an Information Security Management System audit in accordance with ISO 19011.

Learn the know-how and skills to plan, conduct, report and follow up an audit of an ISMS to establish conformity with ISO/IEC 27001 / ISO 19011.

Aim

Auditing is essential to the success of any management system. As a result, it carries with it major responsibilities, challenges and complex problems. This five-day intensive course trains ISMS auditors to lead, plan, manage and implement an audit plan. It also empowers them to give practical help and information to those who are working towards obtaining certification, and provides the knowledge and skills required to carry out external auditing, including auditing service providers, suppliers and subcontractors.

Content

Through this education/training...

  • You know ISO 19011 as an auditing guideline.
  • Process- and controls-oriented auditing
  • Communication techniques/conversation skills for auditors
  • Dealing with critical audit situations
  • You know the requirements of ISO 27001 for the management system, as well as the scope of application in the context of auditing.
  • You can plan, perform and follow up ISO/IEC 27001 audits.
  • You can carry out the verification of conformity to standards through internal audits.
  • You can perform analysis, assessment and auditing of the characteristics of an ISMS checklist methodology.

Prerequisites for participation

Basic knowledge of information security, with a minimum of 3 years' work experience in any industry. Knowledge of management systems such as ISO 9001 would be an added advantage.

Target audience

The target group of this auditor training includes all specialists and managers who would like to or should audit management systems externally according to ISO 27001.

Compared to the 5-day training, not all "controls" of Annex A of ISO/IEC 27002 are dealt with (only specific ones as examples). Simulations and role plays are also reduced to the minimum.

This course is very appropriate for those who wish to lead audits of an ISMS in accordance with ISO/IEC 27001 (either as a 2nd-party or 3rd-party auditor) and for those wishing to learn about effective audit practices.

Qualification Certificate

After passing the exam, you will receive a certificate of Internal Auditor (ISO 27001).

Duration

3 days

Dates

Contact us to book 'Information Security Management System ISO IEC 27001:2022 Internal Auditor 3 Days'.