描述

Today, information is as precious asset as currency and the key to growth of any organization. It could be in form of Data in transit or Data at rest. Securing Information means assuring confidentiality, promising availability and protecting integrity of the information. If sensitive and critical information is compromised, then an organization may have to face various risks like brand image erosion, business disruption, financial and productivity loss. You can protect business critical information from a wide range of threats by establishing Information security management system and obtain ISO 27001 certification. It will also help you ensure business continuity, minimize business risk, maximize return on investments and increase business opportunities.

Topics

Explain the purpose and business benefits of:

Information Security Management Systems (ISMS), ISMS standards
Management system audit Third-party certification

Explain the role of an auditor to plan, conduct, report and follow up an Information Security Management system audit in accordance with ISO 19011.

Learn know how and skills to: Plan, conduct, report, and follow up an audit of an ISMS to establish conformity with ISO/IEC 27001/ ISO 19011

Aim

Auditing is essential to the success of any management system. As a result, it carries with it major responsibilities, challenges and complex problems. This five-day intensive course trains ISMS auditors to lead, plan, manage and implement an Audit Plan. It also empowers them to give practical help and information to those who are working towards obtaining certification and also provides the knowledge and skill required to carry out external auditing including auditing service providers, suppliers, and subcontractors.

Content

Through this education/training....

• know ISO 19011 as well as relevant passages of ISO/IEC 17021, ISO/IEC 27006 and ISO/IEC 27007
• Process-oriented auditing
• Communication techniques/conversation skills for auditors
• Dealing with critical audit situations
• Know the requirements of ISO 27001 for the management system, as well as the scope of application.
• you can plan, perform and follow up ISO IEC 27001 audits.
• you can carry out the verification of conformity to standards through internal audits
• you can perform analysis, assessment and auditing of the characteristics of an ISMS checklist methodology

Prerequisites for participation

Basic knowledge of Information Security with work experience of minimum 3 years in any industry. Having knowledge of Management systems like ISO 9001 would be an added advantage.

Target audience

The target group of this auditor training includes all specialists and managers who would like to or should audit management systems externally according to ISO 27001. Furthermore, the training is also aimed at (future) consultants who would like to work as leading ISMS auditors.
This course is very appropriate for those wish to Lead audits of ISMS in accordance with ISO/IEC 27001 (either as a 2nd party, or 3rd party auditor), those wishing to learn about effective audit practices. Security and quality professionals, existing information security auditors who wish to expand their auditing skills and consultants who wish to provide advice on ISO/IEC 27001:2022 ISMS Auditing.

Qualification Certificate

After passing the exam you will receive a certificate of Lead Auditor ( ISO 27001)

Duration

5 days