ATP Number: 01199876
ISO/IEC 27001:2022 – Information Security Management System Lead Auditor Training Course
PR373 ISO/IEC 27001:2022 Lead Auditor (Course Code: 2568)
Course Details: 40 hours
Course Details:
Obtaining ISO 27001:2022 certification brings numerous benefits to an organization, including improved protection of sensitive information, enhanced overall security, a demonstration of a commitment to information security to customers and partners, and increased efficiency and cost savings.
A “Certified Lead Auditor” is a professional who has undergone training and certification in the ISO 27001 standard. They are capable of conducting internal and external audits to evaluate compliance with the standard and provide recommendations for improving an organization’s ISMS. They are able to provide expert guidance in the management of information security processes and systems.
Effective auditing is a crucial component of any management system’s success. It comes with significant responsibilities, challenges, and obstacles. This intense five-day course trains ISMS auditors on how to plan, organize, manage, and carry out an audit.
Furthermore, it equips them with the knowledge and skills necessary for 2nd-party auditing, as well as practical support and information for individuals seeking certification of suppliers and subcontractors.
Knowledge:
● Explain the purpose of an information security management system, of information security management system standards, of management system audit and of third party certification.
● Explain the role of an auditor to plan, conduct, report and follow up an information security management system audit in accordance with ISO 19011:2018 and ISO/IEC 17021-1.
Skills:
● Plan, conduct, report and follow up an audit of an information security management system to establish conformity (or otherwise) with ISO/IEC 27001 (with ISO/IEC 27002) in accordance with ISO 19011:2018 and ISO/IEC 17021-1 where appropriate.
Who Should Attend?
Anyone who is or aspires to be:
● A Third Party Assessor or Lead Assessor of ISO 27001:2022
● Responsible for undertaking audits of suppliers/subcontractors as per ISO 27001:2022
● Responsible for implementing internal audits and audit programs as per ISO 27001:2022
● Responsible for implementing the ISO 27001 series of standards
Course Structure:
Course starts at 0830 hrs and ends approximately at 1800 hrs. Maximum attendance 10 delegates per tutor.
Pre-course information is sent to delegates approximately a week prior to the beginning of the course (subject to the fee paid).
The course is highly participative and will enable delegates to build on existing skills. Emphasis is based on practical application of assessment knowledge and skills. Realistic case studies allow delegates to apply skills and knowledge to all stages of the assessment process.
Criteria of Eligibility:
Some specific ISMS knowledge and Min. 4 years working experience is required. This is an intensive course.
Before starting this course, students are expected to have the following prior knowledge:
a). Management Systems:
● The Plan, Do, Check, Act (PDCA) cycle.
● The core elements of a management system and the interrelationship between top management responsibility, policy, objectives, planning, implementation, measurement, review, and continual improvement.
b). Information Security Management
Knowledge of the following information security management principles and concepts:
● The Awareness of the need for information security;
● The assignment of responsibility for information security;
● Incorporating management commitment and the interests of stakeholders;
● Enhancing societal values;
● Using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk;
● Incorporating security as an essential element of information networks and systems;
● The active prevention and detection of information security incidents;
● Ensuring a comprehensive approach to information security management;
● Continual reassessment of information security and making of modifications as appropriate.
c). ISO 27001
Knowledge of the requirements of ISO/IEC 27001 (with ISO/IEC 27002) and the commonly used information security management terms and definitions, as given in ISO/IEC 27000, which may be gained by completing Certified ISO 27001:2022 Foundation (ISMS) Training course or equivalent.
d). Upon registration at the course in the beginning there will be a Pre-Questionnaire test to check the prior knowledge and understanding of the delegates.
Course Facilitators:
All course facilitators are highly qualified and experienced both in training and assessment of Information Security Management System. We strongly believe that the experience in Information Security Management System Assessment and Training skills is a right combination to deliver a practical training course. They are selected on their ability to make AIS courses both practical and enjoyable.
How To Apply?
To apply for this course by sending an e-mail to trainings@alvinintegrated.com. Course confirmation will be given after receiving the advance payments from the interested participants. To learn more about our cancellation and refund policy, please visit the following link: cancellation-and-refund-policy/
