Information Security Management Systems (ISO 27001:2005) – Lead Auditor Course
This is an advanced-level course on ISO 9001:2008 – Quality Management Systems Requirements. The course contents are based on the following international standards: ISO 9000:2005, ISO 9001:2008, and ISO 19011:2011.
NABET registered course – This course is delivered in partnership with MacLead Certifications Private Limited, based on the NABET criteria for the QMS Lead Auditor course. NABET Registration Number – LQ1215 105
IRCA (UK) registered course – This course is delivered in partnership with BSCIC Certifications Private Limited, based on the IRCA criteria for the QMS Lead Auditor course. IRCA Registration Number – A17581
MODEL OF A PROCESS-BASED INFORMATION SECURITY SYSTEM.
Course Learning Objectives:
- Explain the purpose of an information security management system (ISMS) and explain the processes involved in establishing, implementing, operating, monitoring, reviewing and improving an ISMS as defined in ISO/IEC 27001, including the significance of these for ISMS auditors.
- Explain the role of an auditor to plan, conduct, report and follow up an ISMS audit in accordance with ISO 19011.
- Interpret the requirements of ISO 27001:2005 and ISO 27006:2007 in the context of an ISMS audit.
- Undertake the role of an auditor to plan, conduct, report and follow up an audit in accordance with ISO 19011.
- Explain the control objectives and controls defined in Annex A of ISO 27001.
- Explain the difference between legal compliance and conformance with ISO standards and outline relevant applicable legislation, intellectual property rights, data protection and privacy of personal information.
- Describe the process of conducting, following up and reporting an audit.
- Introduction to control clauses, objectives and controls
- Requirements of ISO 27001 – Annexure A
- ISMS purpose and business benefits
- Risk assessment and selection of controls
- Requirements of ISO 27001
- Auditing guidelines as per ISO 27007 and ISO 19011
This 5-day course is designed to include structured presentations, contextual examples, case studies, exercises and role plays. Participants will be trained to plan and conduct an audit in accordance with the guidelines of ISO 19011, gather objective evidence via various methods and determine conformity to the requirements of an ISMS.
The participants will be assessed at two levels. One is the continuous assessment based on the activities and exercises performed during the sessions, and the other is the final assessment, which is a two-hour written examination based on the board requirements.
Participants are expected to have a basic understanding of the ISO 27001:2005 clauses, the controls in Annex A, and auditing terminology and practices. Not meeting the prerequisites of the course may lead to unsuccessful completion of the course.
- Develop auditing as an additional management skill
- Can register themselves anywhere in the world as auditors with members of the IPC (International Personnel Certification Association)
- Are preferred in certification and auditing organizations
- Are preferred in consultancy organizations, or they can become consultants themselves
- Course conducted by industry experts from leading organizations in the fields of manufacturing, IT, automobiles, BPO and other service sectors.
- Actual live implementation case studies.
- Opportunity for post-training project exposure.
- Post-training project support by a pool of experienced practitioners.
- Training conducted at multiple locations pan-India.
- Training supported by excellent course material, exercises, workbooks, model exams and cases designed by experienced faculty and practitioners.
- Certifications recognized worldwide by top assessment and accreditation bodies.