ISO in the Sun: ISO/IEC 27001 Information Security Management System (ISMS) Lead Auditor

Total time
Trainer
Martin Holzke

ISO in the Sun: ISO/IEC 27001 Information Security Management System (ISMS) Lead Auditor

ISO in the Sun
Logo ISO in the Sun

Ready to work on your personal development? Book now!

Starting dates and places

There are no known starting dates for this product.

Description

This five-day course provides an overview of the structure of an Information Security Management System (ISMS) based on ISO/IEC 27001:2013, and how to audit the same internally or in the context of certification.

Overview:
This five-day course enables participants to develop the necessary expertise to audit an Information Security Management System against ISO/IEC 27001:2013 and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.

During this training, the participants will acquire the necessary knowledge and skills to proficiently plan and perform internal and external audits in compliance with ISO 19011:2018, as well as understanding the cert…

Read the complete description

Frequently asked questions

There are no frequently asked questions yet. If you have any more questions or need help, contact our customer service.

Didn't find what you were looking for? See also: Sun, Security, CompTIA A+ / Network+ / Security+, Internet Security, and IT Security.

This five-day course provides an overview of the structure of an Information Security Management System (ISMS) based on ISO/IEC 27001:2013, and how to audit the same internally or in the context of certification.

Overview:
This five-day course enables participants to develop the necessary expertise to audit an Information Security Management System against ISO/IEC 27001:2013 and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.

During this training, the participants will acquire the necessary knowledge and skills to proficiently plan and perform internal and external audits in compliance with ISO 19011:2018, as well as understanding the certification process according to ISO/IEC 17021-1:2015 and ISO/IEC 27006:2015.

The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Outline:
Introduction to ISMS Concepts per ISO/IEC 27001:2013
Normative, Regulatory and Legal Framework
Fundamental Principles of Information Security
ISO/IEC 27001:2013 Certification Process
Information Security Management System (ISMS)
Clauses of ISO/IEC 27001:2013
Planning and Initiating the Audit
Fundamental Audit Concepts and Principles
Audit Approach based on Evidence and Risk
Preparation of an ISO/IEC 27001:2013 Certification Audit
ISMS Documentation Audit
Conducting an Opening Meeting
Conducting the Audit
Communication during the Audit
Audit procedures: Observation, Document Review, Interview, Sampling, Technical Verification, Corroboration and Evaluation
Audit Test Plans
Formulation of Audit Findings
Documenting Nonconformities
Concluding and Follow-up of the Audit
Audit Documentation
Quality Review
Conducting a Closing Meeting and Conclusion of the Audit
Evaluation of Corrective Action Plans
Surveillance and Re-Certification Audits
Internal Audit Management Program

Objectives:
Completion of this course will enable students to
Understand the principles of an ISMS conforming to
ISO/IEC 27001:2013
Perform ISO/IEC 27001:2013 internal audits
Execute ISO/IEC 27001:2013 certification audits on behalf of a certification body
Manage ISMS audit teams

Audience:
This course is aimed at students with (future) roles like
Internal auditors
ISMS certification auditors
Project managers, consultants and information security team members participating in ISMS audits
information security practitioners moving into audit roles


Prerequisites:
General understanding of common business processes.

Some past exposure to information or IT security, management systems and audits helpful, but not required.

Examination and Certification:
The course ends with a three hour written essay-style exam on the last day available in multiple languages.

This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.

Exam and first-year certification fees are included in the course fees.

Individual as well as Integrated Management Systems addressing Risk, Information Security, Business Continuity, (IT) Services and other areas are getting ever more important for ever more organisations. As conformity with the respective ISO standards increasingly becomes a requirement to do business, management and their staff wonder how to get there.

ISO in the Sun is an ongoing series of courses on Risk, Information Security, Business Continuity, Service, Project and Integrated Management hosted by SoftQualM in the beautiful surroundings of Lanzarote in the Canary Islands, Spain. This is the ideal opportunity to combine your continuing professional education with a break in the sun, and even save compared to attending similar courses in the typical metropolitan settings. Students come from all kinds of industries and sizes of organisation, from freelance consultants and auditors to EU institutions. 

There are no reviews yet.

Share your review

Do you have experience with this course? Submit your review and help other people make the right choice. As a thank you for your effort we will donate $1.- to Stichting Edukans.
Martin Holzke
Martin Holzke
ISO in the Sun: Continuing Professional Education in beautiful Lanzarote

There are no frequently asked questions yet. If you have any more questions or need help, contact our customer service.