Description
With the use of widely accepted audit principles, methods, and methodologies, this 5-day ISO/IEC 27001:2022 ISMS Lead Auditor Training Course will assist you to effectively execute an Information Security Management System (ISMS) 3rd Party Audit. You will learn how to design and execute internal and external audits in accordance with ISO 19011:2018 and the ISO/IEC 17021-1 certification process throughout this training course.
Course Objectives
By the end of the course, the learner will be able to:
- Give an explanation of the core ideas and rules underlying an information security management system (ISMS) based on ISO/IEC 27001.
- From the perspective of an auditor, interpret the ISO/IEC 27001 specifications for an ISMS.
- Determine whether the ISMS complies with ISO/IEC 27001 requirements using the basic audit ideas and principles.
- Plan, carry out, and conclude an ISO/IEC 27001 compliance audit in accordance with the requirements of ISO/IEC 17021-1, the principles of ISO 19011, and other auditing best practises.
- Successfully manage a programme for ISO/IEC 27001 audits.
The benefits
- The internal audit process will benefit from auditors who have received the proper training.
- Conformance to the Information Security Management Systems Standard
- Continual improvement of processes with the organisation.
- Identification of key areas of interest to Certification Bodies as the training covers the objectives of the certification criteria as well as processes, policies, and procedures.
Modules
- Introduction to information security management
- Key changes in ISO 27001:2013 vs ISO 27001:2022
- Objectives and benefits of an ISMS
- Key Principles and Concepts of the ISMS
- Code of practice ISO/IEC 27001:2022
- Certification specification ISO/IEC 27001:2022
- Certification to ISO/IEC 27001:2022
- The ISO 27000 series of standards
- ISO/IEC 27001:2022 requirements
- The ISMS Audit Planning
- The ISMS Audit Preparation
- How to conduct an Audit Opening Meeting
- Conducting an ISMS Audit
- Recording of audit findings
- Root Cause Identification
- Presentation of audit findings
- How to conduct an Audit Closing Meeting
- Conducting Audit Follow-Up
- Overview of Management Systems Certification
- Scope, Definitions and Principles
- Organisation and Governance
- Operational Control
- Impartiality
- Management of Competence
- Developing a New Certification Scheme
- The Certification Process including:
- Programme Planning
- Audits and Integration – Programming, Planning, Meeting Objectives and Reporting
- Decision Making
- Management System Requirements
Certification
- Certificate of Attendance
- Certificate of Competence
Assessment
There will not be an assessment at the end of the course for traditional classroom training however the following applies for eLearning:
- Delegates have to complete the assessment with a minimum score of 60% to receive a Certificate of Competence.
- Delegates who score between 50% and 59% will get a second attempt at the assessment.
- Delegates who score lower than 40% or fail the second attempt, will need to repurchase the course.
- Delegates will receive a Certificate of Attendance regardless of a pass or fail.