ISO 27001 Lead Auditor
ISMS Lead Auditor (5 days)
The ISO 27001 audit training course teaches participants the foundations of the audit of Information Security Management System (ISMS). Taking place over five days, including the official certification exam, the course gives students basic training in how to conduct audits in accordance with the registration process for the ISO 27001:2005 standard. The lectures and audit exercises are based on the guidelines for the ISO 19011:2002 audit as well as the various standards in the ISO 27000 family.
|Instructor:||Highly qualified Information Security Manager instructors, actively involved in the ISO 2001 Audit|
Learning Level: Basic Audtor to Advanced
- IT Security Managers
- IT Managers
- Auditors interested in ISO 27001 :2005 or ISO 17799 :2005 / ISO 27002: 2007 Standards
- Information Security Consultants
Initial knowledge of ISO/IEC 17799:2005 and ISO 27001:2005 standards, and base knowledge of information security is required.
The course is given during the day ( 8:00am to 6:00pm ) and it is necessary for the student to work and prepare during the evening. Attendance at the trainings and at different workshops is obligatory in order to obtain an attestation or certification following the training.
- Review of the ISO 27001:2005 prerequisites
- Understanding of the relations between ISO 27001:2005 and ISO/IEC 17799:2005
- Security related threat and vulnerabilities apprenticeship evaluation
- Understanding of the security controls and counter-measures
- Comprehension of the auditor's roles and responsibilities
- Apprenticeship of the relative phases of an information security management system audit
Day 1: Introduction to information security management system management with ISO 27001
- Objectives and course structure
- Information Security Standard
- Certification Process
- Fundamental Principles of Information Security
- Information Security Management System
Day 2: Audit initiation
- Fundamental Audit Concepts and Principles
- Evidence based approach
- Audit Preparation
- Documentary Audit
- Preparing for the On-site Audit Activities
- Conducting On-site Activities
Day 3: Conduct the audit
- Communication during the audit
- Audit Procedures
- Drafting of conclusions and non-conformity reports
Day 4: Conclude the audit
- Audit Documentation
- Review of the Audit Notes
- Audit Conclusions
- Managing an audit program
- The competence and evaluation of auditors
- Training Closure
Day 5: Examination
- 3-hour examination leading to certification as an ISO 27001 Lead Auditor. The training course partner and examination are accredited by RABQSA, a US certification body recognized by other personnel certification bodies including IRCA.
- The ISMS Foundation course or basic knowledge of the ISO 27001 and ISO 27002 standards is recommended.
General information :
- Maximum number of students: 15
- A copy of the ISO 19011, ISO 27001 and ISO 27002 standards will be provided to participants.
- A certificate of attainment will be given to participants who successfully pass the examination (certified by RABQSA).