IT Management

CQI and IRCA Certified ISO/IEC 27001:2013 Lead Auditor Training Course

Duration 5 Days (08.30 – 18.00)

 

COURSE DESCRIPTION

In this five-day course, certified to the International Register of Certificated Auditors (IRCA)* guidelines, our experienced tutors will teach you how to lead, plan, execute and report on an audit of an ISMS in an organization, assessing its conformance with ISO/IEC 27001:2013. To attend this course, you should already have knowledge of the key Plan-Do-Check-Act (PDCA) cycle within management systems.

You should also have knowledge of Information Security Management principles and concepts, and specifically the requirements of ISO/IEC 27001:2013. Tutors on our lead auditor courses will expand on your existing knowledge of the standard and develop your skill and ability to lead a team to conduct audits of an ISMS to the standard. Through a combination of tutorials, syndicate exercises and role play, you will learn everything you need to know about how an ISMS audit should be run, including conducting second and third party audits.

 

 

COURSE AGENDA

Day 1
 

Time

Topic

08.30

  • Benefits to you, welcome and introductions
  • Course aims, objectives and structure

 

KNOWLEDGE

  • First, second and third party audits
  • Audit process
  • Audit objectives, scopes and criteria
  • Audit resources
  • Roles and responsibilities and confidentiality
  • Audit methods
  • Stage 1 audit
  • Stage 2 audit
  • Audit plan
  • Work documents
  • Opening meeting
  • Audit evidence
  • Effective communication
  • Audit findings
  • Audit meetings
  • Closing meeting
  • Audit reports
  • Audit follow-up

17.30

Close day 1

 

Day 2
 

Time

Topic

08.30

  • Day 1 review

 

KNOWLEDGE continued

  • Purpose and business benefits of an ISMS
  • Terminology
  • Plan-Do-Check-Act
  • ISMS context
  • Role of the auditor
  • ISMS documentation

 

SKILLS

  • Initiating the audit
  • Document review
  • Audit plan
  • Work documents
  • Opening meeting
  • Observations
  • Auditing ‘Top management’

18.00

Close day 2

 

Day 3
 

Time

Topic

08.30

  • Specimen exam: Sections 1 and 2 review

 

SKILLS

  • Auditing ‘Context’
  • Auditing ‘Actions to address risks and opportunities’
  • Tutorial on body language
  • Audit trails
  • Auditing ‘Objectives, resource and competence’
  • Auditing ‘Operations and monitoring….’

18.00

Close day 3

 

Day 4
 

Time

Topic

08.30

  • Specimen exam: Section 3 review

 

SKILLS

  • Auditing ‘Continual improvement’
  • Nonconformities
  • Closing meeting
  • Audit report
  • Audit follow-up
  • Specimen exam: Section 4

18.00

Close day 4

 

Day 5
 

Time

Topic

08.00

  • Hand in homework – audit report
  • The certification and accreditation process, the role of CQI and IRCA, the CQI and IRCA ISMS auditor certification requirements and code of conduct
  • Final questions/final revision
  • Evaluation
  • Introduction/readiness to the exam

10.15

Exam

12.15

End of course

 

WHO SHOULD ATTEND

This course is intended for those who will be involved in leading audits of an ISMS that conforms to ISO/IEC 27001:2013 in any organization.

Suggested job roles and their teams include:

  • Information security managers
  • IT and corporate security managers
  • Corporate governance managers
  • Risk and compliance managers
  • Information security consultants

 

PREREQUISITES:

You should already have knowledge of how management systems work and, in particular, the requirements of ISO/IEC 27001:2013 (for delegates who do not have these, we recommend attending our requirements course).

  Course Duration

         5 Days

 Price List

          44,000 Baht
          Special Offer : Contact us

  Available Schedule

18 - 22 Jan 2021
22 - 26 Mar 2021
26 - 30 Apr 2021
24 - 28 May 2021
12 - 16 Jul 2021
13 - 17 Sep 2021
30 Nov - 04 Dec 2021