Information Security : ISO 27001:2013 Information Security Management Systems Internal Auditor
The purpose of the ISO 27001:2013 Internal Auditor Training is to give you the necessary skills to perform internal audits on an organization’s Information Security Management Systems (ISMS) and to contribute to their continual improvement.
The purpose of the ISO 27001:2013 Internal Auditor Training is to give you the necessary skills to perform internal audits on an organization’s Information Security Management Systems (ISMS) and to contribute to their continual improvement. The training helps you identify and control the threats that organization face from any information security controls lapses and how to effectively put in place measures to address those risks. Our online tutors will teach you how to plan, execute and report after auditing the ISMS in an organization assessing its conformance with ISO/IEC 27001:2013.
Who Should Attend?
- Those wishing to conduct First Party Internal Audits and Second Party Supplier Audits of Information Security Management System (ISMS) in accordance with ISO 27001:2013
- Those wishing to learn about effective auditing practices
- Existing information security auditors who wish to expand their auditing skills
- Consultants who wish to provide advice on ISO 27001:2013 ISMS Auditing
- Security and quality professionals
- Anyone involved in the auditing, maintaining or supervising of an ISO 27001:2013 ISMS.
- Information Security is recognized business process. It is a highly specialized skills and practical knowledge needed to assess an organization’s capability to manage all aspects of information security.
- It is a structured programme that includes theory and practice using a combination of collaborative learning and practical activities enabling delegates to gain an understanding of auditing.
- We cover the clauses and controls of ISO 27001:2013 in detail and understand how questions to audit each control can be attained.
- We cover the requirements of ISO 27001:2013 Guidelines of Auditing.
- The basics of ISO 27001:2013, terms and definitions associated with PDCA model and Auditing are discussed in detail.
- The course provides templates to allow delegates to understand how questions can be structured and created into a customized questionnaire per process, with Non-conformity, corrective action and internal audit reports supplied as templates.
- Each clause and control within the standard is explained in great detail and can be structured and tailored to your core business and Environment.
- How to use the Auditing Toolkit, Checklists, Non-conformance Reports, Audit Reports, Audit Programmes, Plans and Corrective Actions.
- This course can be an integration of 2 courses combined in one, to assist employees in organization to minimize the time in attending a course and structured in a way that is efficiently understood.
- The courses controls will be explained in a practical sense, where if delegates to not understand IT terms, examples will be simplified.
- The ISO 27001:2013 standard will be read back to front including the Annexure A controls, with practical examples on auditing each clause and control along with implementing it.
- An organizations current ISMS or an example will be provided with templates to show how these will be audited and implemented upon.
All delegates who successfully pass the assessment over 60% will be issued with a certificate of competence. If you receive lower than 60% a certificate of attendance will be issued.
An Assessment at the end of the course will be required. A minimum of 60% is to be achieved to attain a Competence Certificate. If you achieve lower than 60% but get between 40 – 59% a second attempt will become available. If you get lower than 40% and fail the second attempt you will need to re-purchase the course. An attendance certificate is awarded to you regardless of a pass or fail.
There are currently no reviews available.
For companies that may have multiple users, WWISE can cater for corporates at a discounted rate and rent the course out on a platform that can be customized with the client’s corporate identity.VIEW CORPORATE PACKAGE