Information Security
ISO/IEC 27001(Lead Auditor)
Summary:
Information being a valuable asset and a building block and key to the growth of any organization needs to be suitably protected like any other important business asset. In the modern world this asset becomes crucial for success and maintaining credibility.
If this asset is compromised then the organization may have to face various threats and risks like brand image erosion, business disruption, financial and productivity loss etc. Information security is the protection of information from a wide range of threats in order to ensure business continuity, minimize business risk, maximise return on investments and increase business opportunities.
Prerequisites
The participants those who are interested to attend this course must have prior Knowledge for management system and principles and concepts of Information security Management.
What you will learn
- Understanding the purpose of an Information Security Management System and the processes involved in establishing, implementing, maintaining and continually improving an ISMS.
• Applying PDCA approach to information security management processes.
• Understanding the role and skills required by an auditor / lead auditor.
• Understanding auditing concepts and principles. Planning, conducting and reporting audits in accordance with ISO 19011.
Who Should Take This Course?
- Information Security Practitioners, Head – IT.
- Chief Information Security Officer
- Information Security Management System Consultants
- Information Security Management System Management Representative
- Information Security Managers and core group members responsible for establishing, implementing, maintaining, auditing and improving Information Security Management Systems
- Professionals who have a role to play in the implementation of Information Security Management System.
How do I get started with ISO/IEC 27001 training?
Interested in expanding your knowledge and advancing your career in Information Security? Training Heights experts are here to ease the certification process and help you obtain a verfied ISO/IEC 27001 credentials.
Course Outline:
1. ISMS concepts and ISO 27001 standard
- ISMS concepts and benefits
- Risk assessment and management
- ISO 27001 process framework requirements
- ISO 27001 standard requirements
- ISMS documentation
2. Auditing principles
- Auditing objectives
- Types of audits
- Process approach
3. Roles and responsibility of auditors
- • Auditors and lead auditors
- The auditors’ responsibilities
- The lead auditors’ responsibilities
- Auditors qualification and certifications
4. Planning an audit
- Pre-audit planning
- Reviewing documentation
- Developing an audit plan
- Preparing checklists or working documents
- Communication factors
5. Conducting an audit
- Opening meeting
- Collecting objective/audit evidence
- Effective interviewing techniques
- Identifying and recording nonconformities
- Preparing for the closing meeting
- Do’s and Don’t’s of auditing
6. Reporting audit results
- Conducting the closing meeting
- Preparing the audit report
- Distributing the audit report
7. Corrective actions
- Corrective action responsibilities
- Follow up scheduling
- Monitoring corrective action
8. ISO 27001 registration
- Choosing a registrar
- The registration process
- Surveillance audits