ISO/IEC 27001 Lead Auditor Program
ISO/IEC 27001 Lead Auditor Program Course
Introduction:
The ISO/IEC 27001 Lead Auditor training program empowers individuals to cultivate the essential expertise for conducting audits of Information Security Management Systems (ISMS). By applying widely acknowledged audit principles, procedures, and techniques, participants gain the proficiency needed to perform ISMS audits.
Throughout this training course, attendees will acquire the knowledge and skills necessary to effectively plan and execute both internal and external audits, aligning with the certification process outlined in ISO 19011 and ISO/IEC 170
Course Objectives:
By the end of the training, you will:
- Understand the operations of an Information Security Management System based on ISO/IEC 27001
- Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
- Understand an auditor’s role to plan, lead, and follow up on a management system audit in accordance with ISO 19011
- Learn how to lead an audit and audit team
- Learn how to interpret the requirements of ISO/IEC 27001 in the context of an ISMS audit
- Acquire the competencies of an auditor to plan an audit, lead an audit, draft reports, and follow up on an audit in compliance with ISO 19011
Who Should Attend?
- Auditors seeking to perform and lead Information Security Management System (ISMS) certification audits
- Managers or consultants seeking to master an Information Security Management System audit process
- Individuals responsible for maintaining conformance with Information Security Management System requirements
- Technical experts seeking to prepare for an Information Security Management System audit
- Expert advisors in Information Security Management
Course Outline:
Introduction to the information security management system (ISMS) and ISO/IEC 27001
- Training course objectives and structure
- Standards and regulatory frameworks
- Certification process
- Fundamental concepts and principles of information security
- Information security management system (ISMS)
Audit principles, preparation, and initiation of an audit
- Fundamental audit concepts and principles
- The impact of trends and technology in auditing
- Evidence-based auditing
- Risk-based auditing
- Initiation of the audit process
- Stage 1 audit
On-site audit activities
- Preparing for the stage 2 audit
- Stage 2 audit
- Communication during the audit
- Audit procedures
- Creating audit test plans
Closing the audit
- Drafting audit findings and nonconformity reports
- Audit documentation and quality review
- Closing of the audit
- Evaluation of action plans by the auditor
- Beyond the initial audit
- Managing an internal audit program
Certification Exam
