During the course "Information Security Management Systems Auditor/Lead Auditor", the participants learn effective auditing to ensure that the organization follows its information security policies in compliance with ISO/IEC 27001.
IRCA Training Organisation ID: AO17607
IRCA Course-ID: A17608
Native-Speaker: 2,0 hours
Non-Native-Speaker: 2,5 hours
The course is designed for those who:
- want to establish an information security management system in compliance with ISO 27001:2013
- want to expand their knowledge and skills as auditor
- want to work as a consultant for ISO 27001:2013 certification
- are active in the field of IT and/or quality management
Knowledge in the field of information security (e.g. need of IS, responsibilities of IS, management commitment, risk assessment, security by design, incident management, continuous development) and management system processes (PDCA). The participant shall have first experience as an auditor and have attended an ISO 27001 implementation course or have equivalent knowledge and skills.
The participant must have adequate knowledge about the standard (requirements of ISO 27001 & 27002, terms & definitions ISO 27000). Not meeting the prerequisites may impact the continuous assessment in a negative way. The participant has to pass the continuous assessment in order to pass the course. The final exam can include questions relating to any requirements of ISO/IEC 27001 and any expected prior knowledge. If you’re uncertain about meeting the requirements, please do not hesitate to contact us prior to enrolment.
Effective auditing determines the success of information security management systems: this makes auditing a challenge which combines complex tasks with a high degree of responsibility.
In this 5-day intensive course, the participant will be prepared for the qualification as ISO 27001:2013 auditor/lead auditor and will be trained in conducting audits on behalf of a certification authority.
Duration: 5 days
Price: 2950,- Euro + VAT
Will be scheduled on request
Please let us know here, when you prefer to have this workshop!
- The course will be held in English, with English material, and will end with an English test.
- The workshop consists of a combination of lessons, team-work and role-play and includes the following topics:
- ISO 27001:2013
- Information security
- The importance of information security
- Assessment of vulnerabilities and security risks
- Management of security risks
- Selection of controls and monitoring
- Establishment of an information security management system (ISMS)
- ISO 27001:2005 auditing
- Methods for auditing ISO 27001:2013
- Lead an ISO 27001:2013 audit team
- Interview / questioning strategies
- On the last day, the student will participate in an exam (depending on circumstances approximately 2 hours). The test consists of multiple choice questions as well as free text/own explanations. After the participant passes the exam, he/she will receive an official certificate.