Lead Auditor Transitioning from ISO/IEC 27001:2005 to ISO/IEC 27001:2013

This two day course, is aimed at lead auditors currently consulting, implementing or auditing Information Security Management Systems conforming to ISO/IEC 27001:2005.

With the updated standard ISO/IEC 27001:2013 now available, there is a need for organizations to prepare for ISMS audits that check conformance with the current standard. Information security management lead auditors, after having passed this course and a two hour examination, will be able to meet that need.

We will teach you the differences between the previous and current versions of the standard which will give you the knowledge to be able to inform and instruct a business about how conformance can be achieved.  

This can be particularly helpful to organizations where the transition strategy will repurpose existing ISMS documentation and processes over to the current standard.

Organizations will seek your input in preparation for an independent audit and of course you will be able to audit and lead audits yourself to the current standard once you have completed and passed the course and the examination.

Who should attend?

  • ISO/IEC 27001:2005 Consultants looking to transition to the 2013 standard
  • ISO/IEC 27001:2005 Lead Auditors looking to transition to the 2013 standard

Learning objectives

  • What is the new high-level structure of ISO/IEC 27001:2013?
  • What are the requirements of the standard
  • How to recognize the differences between the 2005 and 2013 versions of the standard
  • What updated processes apply to an organizations ISMS
  • How to plan and lead an audit to ISO/IEC 27001:2013

Course Benefits

As an employee, your company will have internal knowledge to conduct and lead an audit of an ISMS checking conformance to the current standard ISO/IEC 27001:2013.

As an independent consultant, organizations will be seeking help and advice when transitioning over their ISMS from the previous to the current version of the standard and to have their audits conducted.

There is a two hour examination on day two of the course. As a prerequisite, you must have attended and passed the ISO/IEC 27001:2005 Lead Auditor training course or an equivalent with another recognized training organization. To verify this, we will ask you for a copy of your certificate.

Next Steps

  • ISO 9001 Lead Auditor - Learn how to implement a quality management system in your organization, and understand how to conduct global best practice internal and external audits
  • ISO/IEC 27001 Lead Implementer - Learn how to implement the ISO/IEC 27001 standard within your organization, and understand how to get the most out of your information security management system
  • Risk Management and Operational Planning - Learn how to develop and implement operational plans to help you identify and manage business risk with our two-day Risk Management and Operational Planning course
  • Auditing Cloud Security for STAR Certification - Led by an experienced tutor, this one day course will help you learn how to audit cloud security for the STAR certification programme and learn how to apply the maturity model when auditing a provider’s security controls