ISO27001 Training
Our ISO27001 training course enables participants to develop the expertise that is needed to audit an Information Security Management System (ISMS). We also expect you to be able to manage a team of auditors by applying widely recognized audit principles, procedures and techniques. In addition, you will learn the skills/knowledge needed to proficiently plan and perform audits compliant with the certification process of the ISO/IEC 27001:2005 standard. You will:
- develop the skills to manage audit teams and an audit program
- master the communication with customers and the conflict resolution necessary to conduct an audit efficiently.
Our course objectives for you:
1. to comprehend the relationship between an Information Security Management System, including risk management and controls, and compliance with the requirements of stakeholders
2. to gain the skills necessary to manage an ISMS audit team
3. to gain the skills to perform an ISMS audit according to ISO/IEC 27000:2005
4. to understand the application of information security management in the ISO/IEC 27000:2005 context
5. to gain the ability to analyze the internal and external environment of an organization, risk assessment and audit decision-making in the context of an ISMS.
Lessons:
1: Developing best practices - auditing
2: Standards & regulatory framework
3: Certification process
4: Fundamental principles - Information Security
5: Information Security Management System (ISMS)
6: Fundamental audit concepts & principles
7: Evidence based approach
8: Audit preparation
9: Audit documentation
10: Preparing for on-site audit activity
11: Conducting on-site activity
12: Communication in the audit
13: Audit procedures
14: Drafting of conclusions / nonconformity reports
15: Audit documentation
16: Review of the notes
17: Conclusions
18: Managing the audit program
What Is ISO27001?
ISO27001, titled "Information Security Management - Specification With Guidance for Use", is the replacement for the original document, BS7799-2. It is intended to provide the foundation for third-party audit, and is 'harmonized' with other management standards, such as ISO 9001 and ISO 14001.
ISO/IEC 27001, part of the growing ISO/IEC 27000 family of standards, is an Information Security Management System (ISMS) standard published in October 2005 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Its full name is ISO/IEC 27001:2005 - Information technology -- Security techniques -- Information security management systems -- Requirements.
ISO/IEC 27001 formally specifies a management system that is intended to bring information security under explicit management control. Being a formal specification means that it mandates specific requirements. Organizations that claim to have adopted ISO/IEC 27001 can therefore be formally audited and certified compliant with the standard.
The ISO27001 training Lead Auditor certification is a professional certification for auditors specializing in information security management systems (ISMS) based on the ISO/IEC 27001 standard and ISO/IEC 19011. This certification is provided by accredited certification bodies or IRCA. Accredited means having gone through an accreditation process via a national accreditation body such as the Professional Evaluation and Certification Board (PECB). The certification body is the organisation that can issue the ISO27001 compliance certificates.