About the course
What is an ISO 27001:2013 Auditor Conversion course?
A highly interactive 3-day course that will provide delegates with the knowledge and skills required to perform audits of information security management systems (ISMS) against ISO 27001. This includes audits within your own organisation, of your suppliers, or for third-party organisations.
IMPORTANT! There is a new European version of 27001 called BS EN ISO/IEC 27001:2017, which includes approval by CEN/Cenelec. The changes from ISO 27001:2013 are very minor and affect only subclause 6.1.3 and control A.8.1.1. They are not considered significant in the delivery of this course. The latest official “ISO” version is currently ISO 27001:2013.
Who should attend?
- This course is only suitable for those who have successfully completed a 5-day Lead Auditor course (in any standard). Please note, if you intend to register with CQI IRCA then the Lead Auditor course needs to have been CQI IRCA certified.
- Delegates must have prior knowledge of Annex SL.
- Delegates must have prior knowledge of information security management principles and concepts, terms and definitions, and the requirements of ISO 27001:2013.
What will you learn?
A detailed understanding of:
- The purpose and benefits of an information security management system (ISMS)
- Compliance versus conformity
- The role of an ISMS auditor to plan, conduct, report and follow up an audit of an ISMS
- Analysing situations and making decisions within an ISMS audit
- Refresher on key auditor skills and how they can be utilised in an ISMS audit