- Home
- Security Programming and Security Management
- ISOLA - ISO 27001 ISMS Lead Auditor
ISOLA - ISO 27001 ISMS Lead Auditor
During the training, the participant will acquire the knowledge needed to plan and perform audits compliant with the certification process of standard 27001:2005.
- Course Outline
-
Summary
This 5-day intensive course that includes optional exam on the final afternoon enables participants to develop the expertise needed to audit an Information Security Management System (ISO 27001) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques. During the training, the participant will acquire the knowledge needed to plan and perform audits compliant with the certification process of standard 27001:2005. Based on practical exercises, the participant will be able to develop the abilities (mastering audit techniques) and skills (managing audit teams and audit program, communicating with customers, conflict resolution, etc.) necessary to the conduct of an audit.
The training is based on management system audit guidelines (ISO 19011:2002) as well as international audit best practices: the International Federation of Accountants (IFAC), the American Institute of Certified Public Accountants (AICPA), the Information Systems Audit and Control Association (ISACA) and the Institute of Internal Auditor (IIA). An audit kit developed by experienced auditors will be distributed to participants.
Learning objectives:- Understanding the application of the information security management system in the ISO 2701:2005 context.
- Understanding the relationship between the information security management system, including the management of risks and controls, and the various stakeholders.
- Understanding audit principles, procedures and techniques, and being able to apply them in an ISO 27001 audit framework
- Understanding the legal, statutory, regulatory or contract obligations relevant during an ISMS audit
- Acquiring the personal skills required to perform an audit in an effective and cost-effective manner, and managing an audit team
- Preparing and completing an audit report ISO 27001
- Understanding the application of the information security management system in the ISO 2701:2005 context.
- Person wanting to lead ISO 27001 certification audits as the person in charge of an audit team
- Consultant wanting to prepare and support a company in an audit certification ISO 27001
- Internal advisor to a company or internal auditor who wants to prepare and support his company in a certification audit ISO 27001
- Person in charge of information security or conformity internally for the organization
- Expert advisor in information technology
Day 1: Introduction to the management of an Information Security Management
- System based on ISO 27001
- Course objectives and structure
- Normative and regulatory framework \
- ISO 27001 certification process
- Fundamental principles in Information Security and Risk Management
- Information Security Management System (ISMS)
- Introduction to clauses 4 to 8 (ISO 27001)
Day 2: Launching an ISO 27001 audit
- Fundamental concepts and principles in audit
- Ethics and professional rules of conduct in audit
- Audit approach based on evidence and on risk
- Preparation of an ISO 27001 certification audit
- Documentation audit
- Preparing the audit plan
- Conducting an opening meeting
Day 3: Conducting an ISO 27001 audit
- Communication during the audit
- Audit procedures (observation, interview, sampling techniques)
- Drafting audit findings and nonconformity reports
Day 4: Closing an ISO 27001 audit
- Audit documentation
- Review of audit notes
- Closing an ISO 27001 audit
- Managing an audit program ISO 27001
- Competence and evaluation of auditors
- Completion of training
Day 5: Review and Examination
- Review
- Examination
General Information:
- Maximum number of students: 12
- A copy of the ISO 19011, ISO 27001 and ISO 27002 standards will be provided to participants.
- A certificate of attainment will be given to participants who successfully pass the examination.
- Additional Details
-
Pre-Requisites
Basic knowledge of ISO 27001 and ISO 27002 standards is recommended.
Certificates offered
Examination and Certification: The ISMS exam - ISO 27001 Lead Auditor is certified by RABQSA and meets the "RABQSA Training Provider Examination Certification Scheme" (TPECS) criteria and covers the competency unit: * RABQSA - IS (information security) * RABQSA - AU (Audit Techniques) * RABQSA - TL (Techniques for Lead Auditor) * ISMS exam - ISO 27001 Lead Auditor is available in English, French or Spanish * Duration of the exam: 3 hours * A certificate will be issued to participants who successfully complete the exam * After the training, the participant can apply for the title of ISO 27001 provisional auditor, ISO 27001 auditor, ISO 27001 principal auditor or ISO 27001 lead auditor depending on their experience * The certificate for the successful completion of the RABQSA exam is recognized by IRCA and meets the IRCA/2016 certification criteria. A participant can register as IRCA or RABQSA auditor
- Cancellation Policy
-
- Map & Reviews
-
CTE Solutions
[ View Provider's Profile ]
Reviews
Here are some reviews of the training vendor.This course has not yet been rated by one of our members.
If you have taken a course through this vendor please log into your account and leave feedback for this vendor. You will be helping ensure our members get directed to the best training facilities.
This course currently does not have any dates scheduled. Please call 1-877-313-8881 to enquire about future dates.
This page has been viewed 147 times.