Information Security : ISO 27001:2013 Information Security Management Systems Internal Auditor
The purpose of the ISO 27001:2013 Internal Auditor Training is to give you the necessary skills to perform internal audits on an organization’s Information Security Management Systems (ISMS) and to contribute to their continual improvement.
Who Should Attend?
- Those wishing to conduct First Party Internal Audits and Second Party Supplier Audits of Information Security Management System (ISMS) in accordance with ISO 27001:2013
- Those wishing to learn about effective auditing practices
- Existing information security auditors who wish to expand their auditing skills
- Consultants who wish to provide advice on ISO 27001:2013 ISMS Auditing
- Security and quality professionals
- Anyone involved in the auditing, maintaining or supervising of an ISO 27001:2013 ISMS.
- Information Security is recognized business process. It is a highly specialized skills and practical knowledge needed to assess an organization’s capability to manage all aspects of information security.
- It is a structured programme that includes theory and practice using a combination of collaborative learning and practical activities enabling delegates to gain an understanding of auditing.
- We cover the clauses and controls of ISO 27001:2013 in detail and understand how questions to audit each control can be attained.
- We cover the requirements of ISO 27001:2013 Guidelines of Auditing.
- The basics of ISO 27001:2013, terms and definitions associated with PDCA model and Auditing are discussed in detail.
- The course provides templates to allow delegates to understand how questions can be structured and created into a customized questionnaire per process, with Non-conformity, corrective action and internal audit reports supplied as templates.
- Each clause and control within the standard is explained in great detail and can be structured and tailored to your core business and Environment.
- How to use the Auditing Toolkit, Checklists, Non-conformance Reports, Audit Reports, Audit Programmes, Plans and Corrective Actions.
- This course can be an integration of 2 courses combined in one, to assist employees in organization to minimize the time in attending a course and structured in a way that is efficiently understood.
- The courses controls will be explained in a practical sense, where if delegates to not understand IT terms, examples will be simplified.
- The ISO 27001:2013 standard will be read back to front including the Annexure A controls, with practical examples on auditing each clause and control along with implementing it.
- An organizations current ISMS or an example will be provided with templates to show how these will be audited and implemented upon.
For companies that may have multiple users, WWISE can cater for corporates at a discounted rate and rent the course out on a platform that can be customized with the client’s corporate identity.VIEW CORPORATE PACKAGE