Description

Module 1: Introduction to the information security management system (ISMS) and ISO/IEC 27001

Lessons:

• Course objectives and structure
• Standards and regulatory frameworks
• Certification process
• Fundamental principles of Information Security
• Management Systems
• Information Security Management Systems (ISMS)

Module 2: Audit principles, preparation, and initiation of an audit

Lessons:

• Fundamental audit concepts and principles
• Evidence based audit approach
• Initiating the audit
• Stage 1 audit
• Preparing the stage 2 audit (on-site audit)
• Stage 2 audit (Part 1)

Module 3: On-site audit activities

Lessons:

• Stage 2 audit (Part 2)
• Communication during the audit
• Audit procedures
• Creating audit test plans
• Drafting audit findings and non-conformity reports

Module 4: Closing the audit

Lessons:

• Documentation of the audit and the audit quality review
• Closing the audit
• Evaluating action plans by the auditor
• Benefits of the initial audit
• Managing an internal audit program
• Competence and evaluation of auditors
• Closing the training

Module 5: Certification Exam

Audience Profile

• Auditors seeking to perform and lead Information Security Management System (ISMS) certification audits
• Managers or consultants seeking to master an Information Security Management System audit process
• Individuals responsible for maintaining conformance with Information Security Management System requirements
• Technical experts seeking to prepare for an Information Security Management System audit
• Expert advisors in Information Security Management

Prerequisites

A fundamental understanding of ISO/IEC 27001 and comprehensive knowledge of audit principles.