iso/iec 27001 lead auditor training

22 Sep - 25 Sep 2021

Back To Workshop Download Brochure Register Now

Workshop Overview

ISO/IEC 27001 Lead Auditor training enables you to develop the necessary expertise to perform an Information Security Management System (ISMS) audit by applying widely recognized audit principles, procedures and techniques. During this training course, you will acquire the necessary knowledge and skills to plan and carry out internal and external audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process.

Based on practical exercises, you will be able to master audit techniques and become competent to manage an audit program, audit team, communication with customers, and conflict resolution.

This five-day intensive course enables participants to develop the expertise needed to audit an Information Security Management System (ISMS) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.

During this training, the participant will acquire the skills and knowledge needed to proficiently plan and perform audits compliant with the certification process of the ISO/IEC 27001 standard. Based on practical exercises, the participant will develop the abilities (mastering audit techniques) and skills (managing audit teams and audit program, communicating with customers, conflict resolution, etc.) necessary to the efficient conducting of an audit.

Program Focus

Understand the operations of an Information Security Management System based on ISO/IEC 27001

Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks

Understand an auditor’s role to: plan, lead and follow-up on a management system audit in accordance with ISO 19011

Learn how to lead an audit and audit team

Learn how to interpret the requirements of ISO/IEC 27001 in the context of an ISMS audit

Acquire the competencies of an auditor to: plan an audit, lead an audit, draft reports, and follow-up on an audit in compliance with ISO 19011

Benefits of Attending

Introduction to management systems and the process approach

Presentation of the standards ISO/IEC 27001, ISO 27002 and ISO 27003 and regulatory framework

Fundamental principles of Information Security

Preliminary analysis and establishment of the level of the maturity level of an existing information security management system based on ISO 21827

Writing a business case and a project plan for the implementation of an ISMS

Defining the scope of an ISMS

Development of an ISMS and information security policies

Selection of the approach and methodology for risk assessment

Risk management: identification, analysis and treatment of risk (drawing on guidance from ISO/IEC 27005

Drafting the Statement of Applicability

Implementation of a document management framework

Design of controls and writing procedures

Implementation of controls

Development of a training & awareness program and communicating about the information security

Incident management (based on guidance from ISO 27035)

Operations management of an ISMS

Controlling and Monitoring the ISMS

ISO/IEC 27001 internal Audit

Management review of an ISMS

Implementation of a continual improvement program

Preparing for an ISO/IEC 27001 certification audit

Who Should Attend?

Auditors seeking to perform and lead Information Security Management System (ISMS) certification audits

Managers or consultants seeking to master an Information Security Management System audit process

Individuals responsible for maintaining conformance with Information Security Management System requirements

Technical experts seeking to prepare for an Information Security Management System audit

Expert advisors in Information Security Management

Back To Workshop Download Brochure Register Now

Similar Workshop

Oops, no record found!

Submit

Website by: Xpoteck