On completion, successful students will have the knowledge and skills to:
Explain the purpose and business benefits of information security management system standards, of management system audits and of third-party certification.
Explain the role of an auditor to plan, conduct, report and follow up an information security management system audit and/or establish conformity (or otherwise) with ISO/IEC 27001 (with ISO/IEC 27002) in accordance with ISO 19011 (and ISO 17021 where appropriate).
Who should attend
This course is recommended for anyone who is planning to perform internal audits or preparing to become an external auditor of Information Security Management Systems. This course is highly interactive in nature, with emphasis on active involvement of students in group work, brainstorming sessions, quizzes and students sharing their experiences with each other. The tutor will provide his theoretical inputs to supplement the course and impart applied knowledge to various situations.
- For successful completion of this course, we recommend the following prior knowledge:
a) Management systems - Understand the Plan-Do-Check-Act (PDCA) cycle
b) Knowledge of the following information security management principles and concepts:
- Awareness of the need for information security
- The assignment of responsibility for information security
- Incorporating management commitment and the interests of stakeholders
- Enhancing societal values
- Using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk
- Incorporating security as an essential element of information networks and systems
- The active prevention and detection of information security incidents
- Ensuring a comprehensive approach to information security management
- Continual reassessment of information security and making of modifications as appropriate.
c) ISO/IEC 27001 - Knowledge of the requirements of ISO/IEC 27001 (with ISO/IEC 27002) and the commonly used information security management terms and definitions, as given in ISO/IEC 27000.
Did you know?
- Participant evaluation is through Continuous Assessment during the training course and a closed book examination (2 hours) at the end of the course.
- A ‘Certificate of Achievement’ will be awarded to participants who pass both the continuous assessment & the written examination
- Successful completion of this course is one of the criteria for you to upgrade your CQI and IRCA Internal/Lead auditor status
- You can now record your CQI and IRCA certificate to access exclusive resources via www.quality.org