Information Security Management Systems Auditor/Lead Auditor Training Course
In this five day course our experienced tutors will teach you how to lead, plan, execute and report on an audit of an ISMS in an organization assessing its conformance with ISO/IEC 27001:2013.
To attend this course, you should already have knowledge of the key Plan-Do-Check-Act (PDCA) cycle within management systems.
You should also have knowledge of Information Security Management principles, concepts and specifically the requirements of ISO/IEC 27001:2013.
Tutors on our lead auditor courses will expand on your existing knowledge of the standard and develop your skills and ability to lead a team to conduct audits of a system to the standard.
Through a combination of tutorials, syndicate exercises and role play, you will learn everything you need to know about how an Information Security Management System audit should be run including conducting second and third-party audits.
Who should attend?
This is intended for those who will be involved in leading audits of an ISMS that conforms to ISO/IEC 27001:2013 in any organization.
Suggested job roles and their teams include:
- Information security managers
- IT and corporate security managers
- Corporate governance managers
- Risk and compliance managers
- Information security consultants
You should already have knowledge how management systems work and in particular, the requirements of ISO/IEC 27001:2013 (for delegates who do not have these, we recommend attending our one day requirements course)
What will I learn?
- What is the purpose and business benefits of an ISMS, the standards, audits and third party certification
- What is the role and skills required by an auditor when planning, conducting, reporting and following up on an ISMS audit in accordance with ISO/IEC 27001:2013, ISO/IEC 27002:2013, Information technology -- Security techniques -- Code of practice for information security controls, ISO 19011:2011, Guidelines for auditing management systems and where applicable, ISO 17021:2011, Conformity assessment - Requirements for bodies providing audit and certification of management systems
How will my organization benefit?
- Your company will have an internal resource and process to be able to conduct its own audit of its Information Security Management System to assess and improve conformance with ISO/IEC 27001:2013
- You will gain a professional qualification that certifies that you have the knowledge and skills to be able to lead a team to conduct an audit of an ISMS in any organization
- Successful auditing will improve the protection of any organization's private data to meet market assurance and corporate governance needs
- You will gain 40 CPD points on completing the course
- Refreshments and lunch