ISO 27001 Lead Auditor
ISM Lead Auditor (5 days)
The ISO 27001 audit training course teaches participants the foundations of auditing an Information Security Management System (ISMS). Taking place over five days, including the official certification exam, the course gives students basic training in how to conduct audits in accordance with the registration process for the ISO 27001:2005 standard. The lectures and audit exercises are based on the ISO 19011:2002 auditing guidelines as well as the various standards in the ISO 27000 family.
Class Price: $2,995
Time: 8am - 5:00pm
Location: check schedule
Prerequisites: Understanding of TCP/IP protocols
CPE Credits: 40
Instructor: Highly qualified Information Security Manager instructors, actively involved in the ISO 27001 Audit
Method of Delivery - Residential On Ground
Method of Evaluation: 1. 95% attendance 2. 100% completion of Lab
Grading: Pass = 95% Attendance and 100% Completion of Labs and Practical
Fail => 95% Attendance and > 100% Completion of Labs and Practical
Learning Level: Basic Auditor to Advanced
Target Audience
- IT Security Managers
- IT Managers
- Auditors interested in ISO 27001:2005 or ISO 17799:2005 / ISO 27002:2007 Standards
- Information Security Consultants
Prerequisites
Initial knowledge of ISO/IEC 17799:2005 and ISO 27001:2005 standards, and base knowledge of information security is required.
The course is given during the day (8:00am to 6:00pm), and students need to work and prepare during the evening. Attendance at the training sessions and at the different workshops is obligatory in order to obtain an attestation or certification following the training.
Learning Objectives
- Review of the ISO 27001:2005 prerequisites
- Understanding of the relations between ISO 27001:2005 and ISO/IEC 17799:2005
- Learning to evaluate security-related threats and vulnerabilities
- Understanding of the security controls and counter-measures
- Understanding of the auditor's roles and responsibilities
- Learning the phases of an information security management system audit
Curriculum
Day 1: Introduction to information security management system management with ISO 27001
- Objectives and course structure
- Information Security Standard
- Certification Process
- Fundamental Principles of Information Security
- Information Security Management System
Day 2: Audit initiation
- Fundamental Audit Concepts and Principles
- Evidence based approach
- Audit Preparation
- Documentary Audit
- Preparing for the On-site Audit Activities
- Conducting On-site Activities
Day 3: Conduct the audit
- Communication during the audit
- Audit Procedures
- Drafting of conclusions and non-conformity reports
Day 4: Conclude the audit
- Audit Documentation
- Review of the Audit Notes
- Audit Conclusions
- Managing an audit program
- The competence and evaluation of auditors
- Training Closure
Day 5: Examination
- 3-hour examination leading to certification as an ISO 27001 Lead Auditor. The training course and examination are accredited by RABQSA, a US certification body recognized by other personnel certification bodies including IRCA.
Prerequisites:
- The ISMS Foundation course or basic knowledge of the ISO 27001 and ISO 27002 standards is recommended.
General information:
- Maximum number of students: 15
- A certificate of attainment will be given to participants who successfully pass the examination