ISO 27001:2013 (Information Security Management System)
This Information Security Management System Auditor/Lead Auditor course has been designed and developed to provide students with the knowledge and skills required to perform audits (first party, second party and third-party) of an Information Security Management System against ISO 27001:2013, in accordance with ISO 19011:2018 and ISO 17021-1:2015, as applicable. This course meets the requirements for individuals seeking registration as an Auditor or Lead Auditor with IRCA.
This training course is conducted in conjunction with the CQI-IRCA Regulations.
Information Security Management System – Overview, Principles, Terms and Definitions
Auditing Information Security Management System requirements as per ISO 27001:2013 Standards
Roles and responsibilities of Auditors and Auditee
Audit terminologies, Audit Principles and Types of Audit
Establishing, Implementing, Monitoring, Reviewing and improving Audit Programme
Planning and conducting an audit (Stage 1 & Stage 2) in accordance with ISO 19011:2018 & ISO 17021-1:2015
The organisations running the certification schemes (Certification Bodies)
Management Representatives, Information Security Core Group members and other process heads responsible for establishing, implementing, maintaining and auditing Information Security Management System
All employees whose work responsibility directly affects the performance of the Information Security Management System
Anyone who is responsible for leading an audit of their own or another company’s Information Security Management System
Management System Professionals, ISMS Administrators and Executives who want to improve their Information Security Management System
Any person involved in organizing, planning and conducting first party, second party or third-party audits in the Information Security Management System discipline
Those individuals willing to take up external auditing as a future profession by becoming an independent auditor and to become a registered ISO 27001:2013 Lead Auditor
Students who wish to learn and develop cross-functional skills for the challenging future assignments in Information Security Management System discipline
Delegates attending this course are required to have a minimum level of expected prior knowledge in the following areas:
Completion of secondary education
An understanding of report writing is desirable
Knowledge of the following principles and concepts:
The Plan, Do, Check, Act (P-D-C-A) cycle
The relationship between Information Security Management and other Business Processes
Commonly used Information Security Management terms and definitions
The Process approach & Risk-based thinking in Information Security management system
Basic understanding of Information Security Risks & Risk Treatment Techniques
The structure and content of ISO 27001:2005/ISO 27001:2013
Knowledge of the requirements of ISO 27001:2005/ISO 27001:2013, which may be gained by completing an IRCA certified ISMS Foundation Training course or equivalent.
Upon completion of this course, delegates should be able to (knowledge oriented):
Describe the purpose of an Information Security Management system, Information Security management systems standards, Management system audit and of third-party certification
Explain the role of an ISMS auditor to plan, conduct, report and follow up an Information Security Management System audit in accordance with ISO 19011:2018 (and ISO 17021-1:2015 where appropriate)
Plan, conduct, report and follow up an audit of an Information Security Management System to establish conformity (or otherwise) with ISO 27001:2013 and in accordance with ISO 19011:2018 and ISO 17021-1:2015
Courses are held through virtual classroom and workshop, and requirement standards will be communicated by mail.
(40 Hours) in different formats as given below: 5 Days consecutively / 2+3 Days / 3+2 Days / 1+2+2 Days / 2+1+2 Days
Methodology of delivery
Accelerated learning through Workshops & Exercises
Role play, case study and discussions between the groups and individuals
Mock audit and Presentation of findings
This course includes a 2-hour examination, and on successful completion delegates will be awarded a certificate of achievement. In case the delegate does not qualify the exam but attended the full course, they can re-sit the exam within 1 month of the course end date.
KBS deploys highly experienced Professionals with Best experience in auditing & training