Auditing is crucial to the success of any management system. As a result, it carries with it heavy responsibilities, tough challenges and complex problems.
This five-day intensive course trains ISMS auditors to lead, plan, manage and implement an Audit Plan. It also empowers them to give practical help and information to those who are working towards certification, and provides the knowledge and skill required to carry out 2nd party auditing (suppliers and subcontractors).
Through a combination of tutorials, syndicate exercises, and role play, you will learn everything you need to know about how an Information Security Management System audit should be run, including conducting second- and third-party audits.
How will my organization benefit?
- Your company will have an internal resource and process to be able to conduct its own audit of its Information Security Management System to assess and improve conformance with ISO/IEC 27001:2022
- You will gain a professional qualification that certifies that you have the knowledge and skills to be able to lead a team to conduct an audit of an ISMS in any organization
- Successful auditing will improve the protection of any organization's private data to meet market assurance and corporate governance needs
- Effective auditing helps to ensure that the measures you put in place to protect your organization and your customers are properly managed and achieve the desired result
This course is suitable for those wishing to lead audits of ISMS in accordance with ISO/IEC 27001 (either as a 2nd party or 3rd party auditor); those wishing to learn about effective audit practices; security and quality professionals; existing information security auditors who wish to expand their auditing skills; and consultants who wish to provide advice on ISO/IEC 27001:2022 ISMS auditing.
You should have a good knowledge of ISO/IEC 27001 and the key principles of an ISMS. If not, we strongly recommend you attend our one-day requirements course. It will also help if you have attended an internal or lead auditor course or have experience with conducting internal or supplier audits.
Explain the purpose and business benefits of:
- Information Security Management Systems (ISMS), ISMS standards
- Management system audit
- Third-party certification
Explain the role of an auditor to plan, conduct, report and follow up an Information Security MS audit in accordance with ISO 19011 (and ISO 17021 where appropriate).
Have the skills to plan, conduct, report, and follow up an audit of an ISMS to establish conformity (or otherwise) with ISO/IEC 27001/2, ISO 19011 (and ISO 17021 where appropriate).
- You will gain 40 CPD points on completing the course
- On completion, you’ll be awarded an internationally respected BSI Training Academy certificate