ISO in the Sun: PECB ISO/IEC 27001 Information Security Management System (ISMS) Lead Auditor
Description
This five-day course provides an overview of the structure of an
Information Security Management System (ISMS) based on ISO/IEC
27001:2022, and how to audit the same internally or in the context
of certification.
Overview:
This five-day course enables participants to develop the necessary
expertise to audit an Information Security Management System
against ISO/IEC 27001:2022 and to manage a team of auditors by
applying widely recognized audit principles, procedures and
techniques.
During this training, the participants will acquire the necessary
knowledge and skills to proficiently plan and perform internal and
external audits in compliance with ISO 19011:2018, as well as
understanding the certification process according to ISO/IEC
17021-1:2015 and ISO/IEC 27006:2015.
The course consists of a mix of presentation, discussion and
exercises based on real-world examples.
Outline:
Introduction to ISMS Concepts per ISO/IEC 27001:2022
Normative, Regulatory and Legal Framework
Fundamental Principles of Information Security
ISO/IEC 27001:2022 Certification Process
Information Security Management System (ISMS)
Clauses of ISO/IEC 27001:2022
Planning and Initiating the Audit
Fundamental Audit Concepts and Principles
Audit Approach based on Evidence and Risk
Preparation of an ISO/IEC 27001:2022 Certification Audit
ISMS Documentation Audit
Conducting an Opening Meeting
Conducting the Audit
Communication during the Audit
Audit procedures: Observation, Document Review, Interview, Sampling, Technical Verification, Corroboration and Evaluation
Audit Test Plans
Formulation of Audit Findings
Documenting Nonconformities
Concluding and Follow-up of the Audit
Audit Documentation
Quality Review
Conducting a Closing Meeting and Conclusion of the Audit
Evaluation of Corrective Action Plans
Surveillance and Re-Certification Audits
Internal Audit Management Program
Objectives:
Completion of this course will enable students to:
Understand the principles of an ISMS conforming to ISO/IEC 27001:2022
Perform ISO/IEC 27001:2022 internal audits
Execute ISO/IEC 27001:2022 certification audits on behalf of a certification body
Manage ISMS audit teams
Audience:
This course is aimed at students with (future) roles like:
Internal auditors
ISMS certification auditors
Project managers, consultants and information security team members participating in ISMS audits
Information security practitioners moving into audit roles
Prerequisites:
General understanding of common business processes.
Some past exposure to information or IT security, management
systems and audits is helpful, but not required.
Examination and Certification:
The course includes access to PECB's three-hour exam available in
multiple languages to be taken online on the last day or any time
after the course (own laptop required). Exam and first-year
certification fees are included in the course fees.
This course is designed by PECB in Canada, who also mark the exam
and issue respective certifications as per their criteria. PECB is
a personnel certification body, accredited to ISO/IEC 17024:2012 by
IAS. See www.pecb.com for full details.
Individual as well as Integrated Management Systems addressing Risk, Information Security, Business Continuity, (IT) Services and other areas are getting ever more important for ever more organisations. As conformity with the respective ISO standards increasingly becomes a requirement to do business, management and their staff wonder how to get there.
ISO in the Sun is an ongoing series of courses on Risk, Information Security, Business Continuity, Service, Project and Integrated Management hosted by SoftQualM in the beautiful surroundings of Lanzarote in the Canary Islands, Spain. This is the ideal opportunity to combine your continuing professional education with a break in the sun, and even save compared to attending similar courses in the typical metropolitan settings. Students come from all kinds of industries and sizes of organisation, from freelance consultants and auditors to EU institutions.