Learn the requirements of information security management system (ISMS) audits to examine and control information security risks, threats and vulnerabilities.
This certified course (17279) will provide you with the knowledge and skills required to perform first-, second- and third-party audits of ISMS against ISO/IEC 27001 (with ISO/IEC 27002), in accordance with ISO 19011 and ISO/IEC 17021, as applicable.
On completion of this training, you will be able to:
- Explain the purpose and business benefits of an ISMS, of ISMS standards, of management system audit and of third-party certification
- Explain the role of an auditor in the planning, conduct, reporting and follow-up of an ISMS audit in accordance with ISO 19011 and ISO/IEC 17021, where appropriate
- Plan, conduct, report and follow up an ISMS audit to establish conformity, or otherwise, with ISO/IEC 27001 (with ISO/IEC 27002) in accordance with ISO 19011 and ISO/IEC 17021, where appropriate
In order to adapt to your learning style and needs, this course is available as Classroom Based or Virtual Instructor Led Training (VILT). Depending on the selected method, this course can be delivered over 5 days, 40 hours or in shorter online sessions, and will conclude with an exam.
To complete this course successfully you will be required to pass both an examination and continuous assessment before you can be issued with a Certificate of Achievement, which satisfies the formal training for an individual seeking certification as a CQI/IRCA auditor/lead auditor. This certificate is valid for five years from the date of the exam for the purpose of your certification as an auditor with the CQI/IRCA.
Before starting this course, you are expected to have the following prior knowledge:
- Understanding of information security management systems and their principles and concepts:
- Understand the plan-do-check-act (PDCA) cycle
- Awareness of the need for information security and the assignment of responsibilities
- Incorporating management commitment and the interests of stakeholders into societal enhancement values
- Using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk
- Incorporating security as an essential element of information networks and systems including the active prevention and detection of information security incidents
- Ensuring a comprehensive approach and continual information security reassessment, including implementing modifications as appropriate
Trusted ISO/IEC 27001 Training from a Leading Course Provider
As a leader in professional training, we draw on years of global experience. Our courses are delivered in multiple languages and locations by approved tutors, specialists in the area who can support you on your professional journey.
Contact us today to enroll on the SGS Academy ISO/IEC 27001 ISMS auditor/lead auditor training course.