This 5-day CQI IRCA certified course is designed to provide delegates with the skills and techniques to audit an information security management system and effectively communicate findings.
The ISO 27001:2013 Lead Auditor qualification is designed to equip delegates with the skills and techniques of auditing and how to communicate the findings of the audit effectively to the management of the audited organisation.
During this 5-day CQI IRCA certified course, our experienced trainers will equip delegates with the skills to plan, implement and report an audit of an information security management system. Through tutorials, practical exercises and role plays, we will help you to increase your existing knowledge of ISO 27001:2013 and develop your skills to be able to conduct effective audits of ISMS.
- Understand the purpose of an ISMS and the processes involved
- Develop skills to help implement, monitor, review and improve an ISMS
- The role of an auditor to plan, conduct and follow up an ISMS audit in accordance with ISO 19011
What will you be covering?
- Key terms and definitions
- Certification audits – the process
- Risk assessment – types of risk
- Information Security objectives
- PDCA lifecycle
- Annex A controls and statement of applicability
- Planning and preparing for an audit
- Practical exercises
- Audit reporting
This course is intended for those who will be involved in leading audits of an information security management system that conforms to ISO 27001:2013.
Delegates are expected to have the knowledge of how management systems work, in particular, the requirements of ISO 27001:2013. Before starting this course, delegates are expected to have prior knowledge of Information security management and management system auditing.