Learn: in:
» back to Search Results

Course rating of 0 Vendor rating of 4

During the training, the participant will acquire the knowledge needed to plan and perform audits compliant with the certification process of standard 27001:2005.

Course Outline

This 5-day intensive course that includes optional exam on the final afternoon enables participants to develop the expertise needed to audit an Information Security Management System (ISO 27001) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques. During the training, the participant will acquire the knowledge needed to plan and perform audits compliant with the certification process of standard 27001:2005. Based on practical exercises, the participant will be able to develop the abilities (mastering audit techniques) and skills (managing audit teams and audit program, communicating with customers, conflict resolution, etc.) necessary to the conduct of an audit.

The training is based on management system audit guidelines (ISO 19011:2002) as well as international audit best practices: the International Federation of Accountants (IFAC), the American Institute of Certified Public Accountants (AICPA), the Information Systems Audit and Control Association (ISACA) and the Institute of Internal Auditor (IIA). An audit kit developed by experienced auditors will be distributed to participants.

Learning objectives:
  • Understanding the application of the information security management system in the ISO 2701:2005 context.
  • Understanding the relationship between the information security management system, including the management of risks and controls, and the various stakeholders.
  • Understanding audit principles, procedures and techniques, and being able to apply them in an ISO 27001 audit framework
  • Understanding the legal, statutory, regulatory or contract obligations relevant during an ISMS audit
  • Acquiring the personal skills required to perform an audit in an effective and cost-effective manner, and managing an audit team
  • Preparing and completing an audit report ISO 27001
  • Understanding the application of the information security management system in the ISO 2701:2005 context.
Who should participate?
  • Person wanting to lead ISO 27001 certification audits as the person in charge of an audit team
  • Consultant wanting to prepare and support a company in an audit certification ISO 27001
  • Internal advisor to a company or internal auditor who wants to prepare and support his company in a certification audit ISO 27001
  • Person in charge of information security or conformity internally for the organization
  • Expert advisor in information technology
Course details:

Day 1: Introduction to the management of an Information Security Management

  • System based on ISO 27001
  • Course objectives and structure
  • Normative and regulatory framework \
  • ISO 27001 certification process
  • Fundamental principles in Information Security and Risk Management
  • Information Security Management System (ISMS)
  • Introduction to clauses 4 to 8 (ISO 27001)

Day 2: Launching an ISO 27001 audit

  • Fundamental concepts and principles in audit
  • Ethics and professional rules of conduct in audit
  • Audit approach based on evidence and on risk
  • Preparation of an ISO 27001 certification audit
  • Documentation audit
  • Preparing the audit plan
  • Conducting an opening meeting

Day 3: Conducting an ISO 27001 audit

  • Communication during the audit
  • Audit procedures (observation, interview, sampling techniques)
  • Drafting audit findings and nonconformity reports

Day 4: Closing an ISO 27001 audit

  • Audit documentation
  • Review of audit notes
  • Closing an ISO 27001 audit
  • Managing an audit program ISO 27001
  • Competence and evaluation of auditors
  • Completion of training

Day 5: Review and Examination

  • Review
  • Examination

General Information:

  • Maximum number of students: 12
  • A copy of the ISO 19011, ISO 27001 and ISO 27002 standards will be provided to participants.
  • A certificate of attainment will be given to participants who successfully pass the examination.

Prerequisites & Certificates

Basic knowledge of ISO 27001 and ISO 27002 standards is recommended.

Certificates offered

Examination and Certification: The ISMS exam - ISO 27001 Lead Auditor is certified by RABQSA and meets the "RABQSA Training Provider Examination Certification Scheme" (TPECS) criteria and covers the competency unit: * RABQSA - IS (information security) * RABQSA - AU (Audit Techniques) * RABQSA - TL (Techniques for Lead Auditor) * ISMS exam - ISO 27001 Lead Auditor is available in English, French or Spanish * Duration of the exam: 3 hours * A certificate will be issued to participants who successfully complete the exam * After the training, the participant can apply for the title of ISO 27001 provisional auditor, ISO 27001 auditor, ISO 27001 principal auditor or ISO 27001 lead auditor depending on their experience * The certificate for the successful completion of the RABQSA exam is recognized by IRCA and meets the IRCA/2016 certification criteria. A participant can register as IRCA or RABQSA auditor

Cancellation Policy
10 business day cancellation policy. if the course is confirmed and the student cancels within 10 days of the course, then they get charged and apply a credit for future courses. If they cancel outside of 10 business days, then there are no charges at all.
Map & Reviews
CTE Solutions
[ View Provider's Profile ]


This course has not yet been rated by one of our members.

If you have taken a course through this vendor please log into your account and leave feedback for this vendor. You will be helping ensure our members get directed to the best training facilities.

Here are some reviews of the training vendor.
I realize that we are constantly dealing with technology, but I still think for a registration fee of almost $3,000, that a hardcover book should be included. I know that the option to print the book on a one-time basis exists.
Reviewed by 2016
Reviewed by 2016
The instructor was very knowledgeable and answered all questions. Jarod did an excellent job presenting.
Reviewed by 2015
The room was cold. I had to sit next to the space heater. It would be good to tell future patrons to dress warmly AHEAD of time. No suprises.
Reviewed by 2015
He was great and offered his contact info for further questions.
Reviewed by 2015
Howard was a fantastic instructor and the course was exactly what I required.
Reviewed by 2014
The trainer was excellent - the course exceeded my expectations.
Reviewed by 2014
This course provides an excellent overview and a bit of practice on the various functions of SharePoint 2013. I was disappointed at the number of exceedingly long breaks given after each module. I would have preferred less break time and more content to the course. Having never taken a SharePoint course with another provider, I don't know if this is the norm with all providers of just this one in particular.
Reviewed by 2014
I ranked the "Use of Technology" low because for Users who were remote the VM's that were setup were a little wonky. Could be very slow at times and then sometimes they needed to be refreshed to work properly with the lab. In some instances we couldn't follow along as replication would not occur fast enough and we would have our lab cut short (for us remote Users).
Reviewed by 2014
The instructor was good at remembering to acknowledge the online students even though he was facing a classroom of students also.
Reviewed by 2014
Insructor was not so good with the live examples. Also the handouts was not so useful
Reviewed by 2013
The trainer was excellent, very knowledgeable and had a lot of valuable experience to share. The problem was that there were way too many workshops that took too long and interfered with getting the maximum benefit from the instructor and the course.
Reviewed by 2013
This was quite informative. It was a great opportunity to have ‘real life’ discussions with certified PMs. The instructor had excellent examples and was able to share his PM experiences with us with concrete examples. In addition, this was a great opportunity to network with private sector/public sector PMs and develop a better appreciation of PM on both sides of the fence. Cheers, CL
Reviewed by 2013
Reviewed by 2013
I did not like the video format
Reviewed by 2013
As a remote attendee, it appeared the instructor paid attention to the "Attendee" and "Chat" windows only a few times throughout the day, so I was not confident that he would see if I sent a message or raised my hand during the course.
Reviewed by 2013
The chairs were not very comfortable and the material contained spelling and grammatical error (a few but still)as well as repetition of words.
Reviewed by 2013
Was a bit slow the last 1/2 day. Of course, for some, this was the last of a 4 day course (not just 2 days).
Reviewed by 2013
I really enjoyed the course and I learned a lot. The pace was excellent.
Reviewed by 2013
Reviewed by 2013
The room was excellent on its own - less distraction and no noise around you. There was no direction to the room when I walked in and therefore was not sure if I was heading in the right direction. We were not provided with the direction that there was coffee and fridge on the 3rd floor, and the bathroom floor was dirty.
Reviewed by 2012
This course was great, very informative, had Lionel as instructor and he was also very good.
Reviewed by 2012
Instructor was eager to assist but lacked subject matter expertise. Course time management was very poor. Content provided could have been delivered effectively in a one day course.
Reviewed by 2012
Good Course, good trainer. All questions addressed equally and in a timely professional manner.
Reviewed by 2011
The course content was interesting; however, the instructor didn't have enough knowledge about Microsoft Sharepoint 2010 Development and wasn't able to answer questions without google search. In the future CTE needs to make sure the instructors have real on-hands experience and are highly trained in the technologies they are supposed be teaching.
Reviewed by 2011

This course currently does not have any dates scheduled. Please call 1-877-313-8881 to enquire about future dates or scheduling a private, in house course for your team.

This page has been viewed 942 times.