It covers the best-practice audit methodology based on ISO 19011 allowing you to master audit techniques. This fully accredited course equips you with the skills to conduct second-party (supplier) and third-party (external and certification) Information Security Management System audits.
Build your career as a lead auditor, lead a team of auditors and achieve compliance with ISO 27001.Packed full of hands on practical exercises you will gain the skills and expertise needed to competently manage an ISMS audit program.
By the end of this course you will be able to:
An overview of the structure and major requirements of ISO/IEC 27001.
An overview of the audit process used by certification bodies.
The purpose, benefits and core principles of effective auditing.
Common auditing terms and definitions.
Critical skills required for performing an audit.
Best-practice audit methodology based on ISO 19011.
How to establish, maintain and manage an audit programme.
How to plan, conduct, report, summaries and follow-up on an audit.
Effective interviewing techniques and observation skills.
How to use audits to identify nonconformists and ensure appropriate corrective action is taken.
How to assess and evaluate the competence of auditors?
How to apply continual improvement of the ISMS?
Accredited certification audit specifics.
How the audit process is used in first, second and third-party audits?
Who should attend?
IT/ Information Security Manager
Head of IT
IT/ Information Security Consultant
Cyber Security Consultant
Information security analyst
Information and risk manager
Information Security Officer
Basic knowledge of information security management principles and concepts
Benefits to Organizations:
1. Successful auditing will enhance the safety of your organization’s private records to satisfy your market warranty and company governance needs.
2. Your employer will have an inner useful resource and process so one can behavior its personal audit of its ISMS to evaluate and enhance conformance with ISO/IEC 27001:2013.