ISO 27001:2013 (Information Security Management System)
This Information Security management system Auditor/Lead Auditor course has been designed and developed to provide students with the knowledge and skills required to perform audits (first party, second and third-party) of Information Security Management System against ISO 27001:2013, in accordance with ISO 19011 2018 and ISO 17021-1:2015, as applicable. This course is meeting the requirements for individuals seeking registration as an Auditor or Load Auditor for IRCA.
This training course is conducted in conjunction with the CQI-IRCA Regulations.
- Information Security Management System – Overview, Principles, Terms and Definitions
- Auditing Information Security Management System requirements as per ISO 27001:2013 Standards
- Roles and responsibilities of Auditors and Auditee
- Audit terminologies, Audit Principles and Types of Audit
- Establishing, Implementing, Monitoring, Reviewing and improving Audit Programme
- Planning and conducting an audit (Stage 1 & Stage 2)in accordance with ISO 19011:2018 & ISO 17021-1:2015
- Audit findings Classification & It’s reporting methods
- Follow up & Completing the Audit
- Competence and Evaluation of Auditors
Who should attend?
- The organisations running the certification schemes (Certification Bodies)
- Management Representatives, Information Security Core Group members and other process heads responsible for establishing, implementing, maintaining and auditing Information Security Management System
- All employees whose work responsibility directly affects the performance of the Information Security Management System
- Anyone who is responsible for loading an audit of their own or another company’s Information Security Management System
- Management System Professionals and ISMS Administrators, Executives who wants to improve their Information Security Management System
- Any person involved in organizing. planning and conducting first party, second party or third-party audits in Information Security Management System discipline
- Those individuals willing to take up external auditing as a future profession by becoming an independent auditor and to become a registered ISO 27001:2013 Lead Auditor
- Students who wish to learn and develop cross-functional skills for the challenging future assignments in Information Security Management System discipline
Delegates attending this course are required to have a minimum level of “expected prior knowledge in the following areas:
- Completion of secondary education
- An understanding of report writing is desirable
- Knowledge of the following principles and concepts:
- The Plan, Do Check, Act (P-D-C-A) cycle
- The relationship between Information Security Management and other Business Processes
- Commonly used Information Security Management terms and definitions
- The Process approach & Risk-based thinking in Information Security management system
- Basic Understanding on Information Security Risks & Risk Treating Techniques
- The structure and content of ISO 27001:2005/ISO 27001:2013
- Knowledge of the requirements of ISO 27001:2005/150 27001:2013, which may be gained by completing an IRCA certified ISMS Foundation Training course or equivalent.
Upon completion of this course, delegates should be able to (Knowledge oriented)
- Describe the purpose of an Information Security Management system, Information Security management systems standards, Management system audit and of third-party certification
- Explain the role of an ISMS auditor to plan, conduct report and follow up of on Information Security management system audit in accordance with 150 15001:2018 (and 150 17025-12015 where appropriate)
- Plan, conduct, report and follow up on audit of information security management System to establish conformity (or otherwise) with 150 27001:2013 and in Accordance with 150 150:2013 and ISO 17025-1.2015
Courses are held through virtual class room and workshop and requirement standards will communicated by mail.
(40 Hours) in different formats as given below 5 Days consecutively/2+3 Days/3+2 Days/1+2+2 Days/2+1+2 Days
Methodology of delivery
- Accelerated learning through Workshops & Exercises
- Role play, case study and discussions between the groups and individuals
- Mock audit and Presentation of findings
This course includes a 2 hours examination and on successful completion, delegates will be awarded certificate of achievement in case the delegate does not qualify the exam but attended the full course con re-sit for the exam with 1 month of course end-date.
KBS deploys highly experienced Professionals with Best experience in auditing & training