Information Security Management Systems (ISMS) Auditor/Lead Auditor (IRCA) Training Course (BS ISO/IEC 27001:2013)
In this five days course certified to IRCA* guidelines, our experienced tutors will teach you how to lead, plan, execute and report on an audit of an ISMS in an organization assessing its conformance with ISO/IEC 27001:2013.
To attend this course, you should already have knowledge of the key Plan-Do-Check-Act (PDCA) cycle within management systems. You should also have knowledge of Information Security Management principles, concepts and specifically the requirements of ISO/IEC 27001:2013.
Tutors on our lead auditor courses will expand on your existing knowledge of the standard and develop your skills and ability to lead a team to conduct audits of an ISMS to the standard.
Through a combination of tutorials, syndicate exercises and role play, you will learn everything you need to know about how an ISMS audit should be run including conducting second and third-party audits.
IRCA Certified Course (17287)
This course is certified by the International Register of Certificated Auditors (IRCA) and meets training requirements for those seeking registration as a lead auditor under their ISMS scheme.
Who should attend?
What will I learn?
- What is the purpose and business benefits of an ISMS, ISMS standards, ISMS audits and third party certification
- What is the role and skills required by an auditor when planning, conducting, reporting and following up on an ISMS audit in accordance with ISO/IEC 27001:2013, ISO/IEC 27002:2013, Information technology -- Security techniques -- Code of practice for information security controls, ISO 19011:2011, Guidelines for auditing management systems and where applicable, ISO 17021:2011, Conformity assessment - Requirements for bodies providing audit and certification of management systems
How will my organization benefit?
- Your company will have an internal resource and process to be able to conduct its own audit of its ISMS to assess and improve conformance with ISO/IEC 27001:2013
- You will gain a professional qualification that certifies that you have the knowledge and skills to be able to lead a team to conduct an audit of an ISMS in any organization that satisfies IRCA guidelines
- Successful auditing will improve the protection of any organization’s private data to meet market assurance and corporate governance needs
Delegates are expected to have the following prior knowledge:
Understand the Plan-Do-Check-Act (PDCA) cycle.
Information security management (Knowledge of the following information security management principles and concepts):
- Awareness of the need for information security;
- the assignment of responsibility for information security;
- incorporating management commitment and the interests of stakeholders;
- enhancing societal values;
- using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk;
- incorporating security as an essential element of information networks and systems;
- the active prevention and detection of information security incidents;
- ensuring a comprehensive approach to information security management;
- continual reassessment of information security and making of modifications as appropriate.
- Course Folder
- Pen and Notepad
- Certificate of attendance
- Loan copy of the standard (to be returned after the course)