The aim of this course is to provide students with the knowledge and skills required to perform first, second and third-party audits of Information Security Management Systems against ISO 27001, in accordance with ISO 19011 and ISO 17021, as applicable.
Who should attend ?
Those intending to acquire the competence to audit a whole ISO 27001-based Information Security Management system, either as a third or second-party auditor. Course is also useful for those participants, who are in the field of Information Security Management, IT & ITES Operations and have intentions to protect their organization system network and conformance to Information Security Management System.
This course has been designed with input and feedback internationally from a number of trainers, customers and training consultants. The course design reflects a high level of interaction between the trainer and the participants. It is built upon the participants input all throughout the course. This input by being mapped on the classroom walls will help the participants follow and remember the course structure and content. Course Duration Five (5) days plus a two & half -hour written examination. The course will start at 09.00 and end at 18.15 hrs. for all 5 days.
Following modules will be covered:
- ISMS – Why & What?
- ISMS - Risk Assessment
- ISMS – Purpose & Requirements
- ISMS – Why & what is an Audit?
- ISMS – Planning an Audit
- ISMS – Conducting an Audit
- ISMS - Reporting & Follow up
On successful completion of the course, a certificate will be issued to the participant. The certificate is valid for three years for the purpose of auditor certification by IRCA.