Duration 5 Days
Learn how to lead, plan, execute and report on an audit of an ISMS in an organization assessing its conformance with ISO/IEC 27001:2013 certified to the International Register of Certificated Auditors (IRCA)* guidelines.
In this five day course, certified to the International Register of Certificated Auditors (IRCA)* guidelines, our experienced tutors will teach you how to lead, plan, execute and report on an audit of an ISMS in an organization assessing its conformance with ISO/IEC 27001:2013. To attend this course, you should already have knowledge of the key Plan-Do-Check-Act (PDCA) cycle within management systems. You should also have knowledge of Information Security Management principles, concepts and specifically the requirements of ISO/IEC 27001:2013. Tutors on our lead auditor courses will expand on your existing knowledge of the standard and develop your skill and ability to lead a team to conduct audits of an ISMS to the standard. Through a combination of tutorials, syndicate exercises and role play, you will learn everything you need to know about how an ISMS audit should be run including conducting second and third party audits.
*IRCA Certified Course (A17287) This course is certified by IRCA and meets training requirements for those seeking registration as a lead auditor under their ISMS scheme.
WHAT WILL I LEARN?
- What is the purpose and business benefits of an ISMS, ISMS standards, ISMS audits and third party certification
- What is the role and skills required an auditor when planning, conducting, reporting and following up on an ISMS audit in accordance with ISO/IEC 27001:2013, ISO/IEC 27002:2013 - Information technology -- Security techniques -- Code of practice for information security controls, ISO 19011:2011 - Guidelines for auditing management systems and where applicable, ISO 17021:2011 - Conformity assessment - Requirements for bodies providing audit and certification of management systems
HOW WILL MY ORGANIZATION BENEFIT?
- Your company will have an internal resource and processes to be able to conduct its own audit of its ISMS to assess and improve conformance with ISO/IEC 27001:2013
- You will gain a professional qualification that certifies that you have the knowledge and skills to be able to lead a team to conduct an audit of an ISMS in any organization that satisfies IRCA guidelines
- Successful auditing will improve the protection of any organization’s private data to meet market assurance and corporate governance needs
WHO SHOULD ATTEND
This is intended for those who will be involved in leading audits of an ISMS that conforms to ISO/IEC 27001:2013 in any organization.
Suggested job roles and their teams include:
- Information security managers
- IT and corporate security managers
- Corporate governance managers
- Risk and compliance managers
- Information security consultants
You should already have knowledge how management systems work and in particular, the requirements of ISO/IEC 27001:2013 (for delegates who do not have these, we recommend attending our requirements course)