ISMS – Information Security Lead Auditor Training – ISMS + AU + TL – 5 days
ISMS – Information Security Lead Auditor Training – ISMS + AU + TL
ISMS – Information Security Management Systems – ISO 27001 – This lead audit training course will enable you to conduct effective audits in any auditing situation. It provides you with the skills to plan, conduct, lead and report audits for first party (within your own organisation), second party (suppliers) and with third party organisations.
This training will provide you with the knowledge confidence to understand, implement and evaluate an ISMS. It also assists you in understanding the interpersonal and communication skills required for Auditors and Audits team leaders. The course involves a high level of participant involvement through discussions, role plays and case studies that are used to reinforce the concepts and to provide practice in applying them.
Key Learning Objectives
- The intent and the requirements of each clause and its relationship with organisation’s operational information security requirements and legal compliance requirement
- The documentation requirements and gain the ability to analyse the interrelationships among various ISMS documents
- How ISMS planning, policy, objectives and processes are implemented according to the ISO/IEC 27001:2013 standard and in relation to the context of the organization; and
- The process of addressing improvements in the organization’s ISMS and verify that identified improvements are effectively managed
Review Risk Assessment
- Assess the effectiveness of an organisation’s information Security Risk assessment(RA) methodologies
- Analyse the controls identified in the Statement of Applicability (SOA) and the controls of the ISO/IEC 27001:2013 Annex A as they apply to the treatment of risk
- Assess the organization’s operational control, information security RA and the implementation of the risk treatment(RT) plan
- Evaluate RA and RT results to ensure they are appropriately identified within the organization’s SOA
- Asses an organisation’s monitoring, measurement, analysis, and evaluation activities
- Understand the application of the principles, procedures and methods of auditing.
- Understand the conduct of an effective audit in the context of the auditee’s organizational situation.
- Understand the application of the regulations, and other considerations that are relevant to the audit, the management system, and the conduct of the audit.
- Understand and practice personal behaviours necessary for the effective and efficient conduct of a management system audit
- Establish and plan the activities of an audit team
- Communicate effectively with the auditee and audit client
- Organise and direct audit team members
- Prepare and complete the audit report
- Use remote auditing methods