What is ISO 27001:2013 (ISMS)
ISO 27001 is the international standard for an Information Security Management System
(ISMS): a suite of processes needed to manage information security within an
organisation. Organisations implementing an ISMS must establish appropriate security
policies, identify risks and carry out risk assessments, evaluate ISMS performance,
and continually plan for further improvement.
ISO 27001 Lead Auditor Training
ISO 27001 Lead Auditor Certification is intended to shape professionals so that they
can support an organization in establishing, implementing, maintaining and managing
an Information Security Management System (ISMS) based on ISO/IEC 27001.
ISO 27001 is essentially a specification of the ISMS framework. The ISMS framework is
a set of processes and procedures that drive the risk management system of any
organization. According to the joint ISO and IEC publication's documentation, ISO
27001 was developed to provide a model for establishing, implementing, operating,
monitoring, reviewing, and improving an Information Security Management System.
The Certified ISO 27001 Lead Auditor designation is a professional certification for
audit team leaders working for certification bodies or performing supplier audits
for large organizations. ISO 27001 Lead Auditor certification requires tertiary
education plus two years of working experience as an auditor or lead auditor in
training.
Learning objectives:
In detail, the training course will provide the technical knowledge and practical
skills (exercises and role play) needed to become a competent Lead Auditor, including
the following:
- Understand the operations of an Information Security Management System based on ISO/IEC 27001
- Understand an auditor's role to plan, lead and follow up on a management system audit in accordance with ISO 19011
- Learn how to lead an audit and an audit team
- Identify a typical framework for implementing an ISMS compliant with ISO/IEC 27001:2013, following the Plan, Do, Check, Act (PDCA) cycle
- Learn how to interpret the requirements of ISO/IEC 27001 in the context of an ISMS audit
- Acquire the competencies of an auditor to plan an audit, lead an audit, draft reports, and follow up on an audit in compliance with ISO 19011
- Interpret the requirements of ISO/IEC 27001:2013 from an implementation perspective in the context of your own organization
What will you learn?
ISO/IEC 27001 courses are aimed at project managers and those who aspire to work in
this field. They are also relevant to other key staff involved in the design,
development and delivery of projects, including: Project Board members (e.g.
Senior Responsible Owners), Team Managers (e.g. Product Delivery Managers),
Project Assurance (e.g. Business Change Analysts), Project Support (e.g. Project
and Program Office personnel) and operational line managers/staff.
- Fundamental principles of an Information Security Management System (ISMS)
- Information security management best practices and system controls based on ISO/IEC 27002
- Planning an ISMS implementation based on ISO/IEC 27001
- Implementing an ISMS based on ISO/IEC 27001
- Performance evaluation, monitoring, and measurement of an ISMS
- Continual improvement of an ISMS based on ISO/IEC 27001
- Preparing for an ISMS certification audit
Target Audience
This course is designed for:
- Information Security Practitioners
- Head of IT, Chief Information Security Officer (CISO)
- Information Security Management System Consultants or Management Representatives
- Information Security Managers
- Core group members or professionals responsible for establishing, implementing, maintaining, auditing and improving an Information Security Management System