Course Code
ISOM-005
Certified ISO 27001 (ISMS) Lead Auditor
- CQI and IRCA Certified ISMS Auditor Training courses will equip you with the knowledge and skills to assess organizations’ information security management systems to ISO 27001. The course teaches you the management systems approach to identifying and managing information security risks, the requirements of ISO 27001, and how to plan, complete and report the audit of an entire ISMS.
Learning Outcomes
- Understand the audit process used by certification bodies
- An overview of the structure and requirements of ISO 27001
- How to use audits to monitor conformance
- How to apply continual improvement of the ISMS
- The purpose and benefits of the audit
- The role of auditors and standards in audits
- Common audit terms and definitions
- The principles of effective auditing
- Critical skills required for performing an audit
- The importance of observing and listening
- Conducting an audit follow-up
- The competence and evaluation of auditors
- The particular nuances of accredited certification audits
- Selecting and leading an audit team
- Managing communications with the audit client
- How the audit process is used in first, second and third-party audits
- How to establish and maintain an audit program
- Planning, conducting, reporting and following up on an audit
- Best-practice audit methodology based on ISO 19011
Course Contents
- Introduction
- Module 1 - Introduction to ISO 27001
- Module 2 - The planning phase
- Module 3 - Risk management
- Module 4 - The Do phase
- Module 5 - The Check and Act phases
- Module 6 - Annex A – Control objectives and controls
- Module 7 - Auditing basics
- Module 8 - Understanding auditing standards
- Module 9 - Understanding audit roles and responsibilities
- Module 10 - Planning the audits
- Module 11 - Managing the audit process
- Module 12 - Managing your audit team
- Module 13 - Completing a successful audit
- Final Exam
Our Methodology
- Make coaching and monitoring innovative by using modern media training and on-the-go training through interactive means, focusing on exercises, practical applications and the study of real situations
- Live delivery method, instructor-led training
- Experienced consultants, trainers, and professionals
- Qualified trainer with high-level experience
Attendance Reports
- Send daily attendance reports to training departments
- Send a full attendance report to the training department by the end of the course
- Attend 100% of the course days also provide daily
- Issue an attendance certificate to participants who attend a minimum of 80% of the course duration
Pre/Post Reports
- Pre-assessment before starting training
- Post-assessment after finishing training
- Full report on the difference between the pre- and post-assessment
Who Should Attend
- Those wishing to lead audits of an Information Security Management System (ISMS) in accordance with ISO 27001:2013 (either as a 2nd party or 3rd party auditor)
- Those wishing to learn about effective audit practices
- Existing information security auditors who wish to expand their auditing skills
- Consultants who wish to provide advice on ISO 27001:2013 ISMS Auditing
- Security and quality professionals