This certified course (2549 – PR 373) will provide you with the knowledge and skills required to perform first, second and third party audits of information security management systems (ISMS) against ISO/IEC 27001:2022 – Information Security, Cybersecurity and Privacy Protection (with ISO/IEC 27002), in accordance with ISO 19011 and ISO/IEC 17021, as applicable.
Course Details
On completion of this course, you will be able to:
- Explain the purpose and business benefits of an ISMS, of information security management systems standards, of management system audits and of third-party certification
- Explain the role of an auditor in planning, conducting, reporting and following up an ISMS audit in accordance with ISO 19011 and ISO/IEC 17021, where appropriate
- Plan, conduct, report and follow up an audit of an ISMS to establish conformity or otherwise with ISO/IEC 27001 (with ISO/IEC 27002), in accordance with ISO 19011 and ISO/IEC 17021 where appropriate
In order to adapt to your learning style and needs, this course is available as classroom based, virtual instructor led training (VILT). Depending on the selected method, this course can be delivered over 5 days or 40 hours.
Course certification
Attendees on this course will be required to pass both the examination and continuous assessment. On successful completion of both, you will be issued with a Certificate of Achievement that satisfies the formal training requirement for an individual seeking certification as a CQI/IRCA lead auditor. The Certificate of Achievement is valid for a period of five years from the date of the exam for the purpose of certifying as an auditor with the CQI/IRCA.
Prerequisites
Before starting the course, you are expected to have prior knowledge of:
- Management systems
- The plan-do-check-act (PDCA) cycle
- Information security management
- The following information security management principles and concepts:
- The need for information security
- The assignment of responsibility for information security
- Incorporating management commitment and the interests of stakeholders
- Enhancing societal values
- Using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk
- Incorporating security as an essential element of information networks and systems
- The active prevention and detection of information security incidents
- Ensuring a comprehensive approach to information security management
- Continual reassessment of information security and making of modifications as appropriate
- ISO/IEC 27001:2022: The requirements of ISO/IEC 27001 (with ISO/IEC 27002) and the commonly used information security management terms and definitions, as given in ISO/IEC 27000 (overview and vocabulary), which may be gained by completing a CQI and IRCA certified ISMS Foundation Training Course or the equivalent
Trusted ISO 27001 training from a leading course provider
As a leader in professional training, we draw on years of global experience. Our courses are delivered by specialists who will support you on your professional journey.
To find out more about our ISO/IEC 27001:2022 Auditor/Lead Auditor Training Course, contact us today