About the course
ISO/IEC 27001 is an international standard that specifies the requirements for an effective Information Security Management System (ISMS). An essential part of the maintenance of an ISMS is auditing, which acts as a tool for identifying potential risks, meeting the requirements of ISO/IEC 27001 and identifying better ways to keep information secure.
This five-day ISO/IEC 27001 Lead Auditor Training Course provides delegates with the skills and knowledge required to effectively perform first, second and third-party audits for Information Security Management Systems.
The course follows a central case study, through which delegates can develop their skills and confidence in planning, conducting and following up on an ISO/IEC 27001 audit. Interactive and participative workshops include an introduction to auditing, risk assessment during an audit, preparing checklists, auditing techniques and nonconformity reporting.
On successful completion, delegates will receive a CQI and IRCA approved certificate and will satisfy the training requirements for IRCA’s (International Register of Certificated Auditors) ISMS auditor registration across all auditor grades.
- Background and overview of ISO/IEC 27001 and other information security standards (ISO 27000 Family)
- An introduction to auditing and the auditor’s role
- The role of management in reviewing risk and the effectiveness of the ISMS
- Planning and managing an audit:
  - resources and timing
  - use of checklists
  - selection of audit teams
- Conducting the audit – skills, techniques and auditor competence:
  - evaluating the significance of audit findings
  - communicating and presenting audit reports
- Nonconformities and improved security as a result of corrective actions
- Management of the third-party assessment and certification process
This training course is suitable for individuals looking to complete first (internal), second (supplier) and third (certification) party ISO/IEC 27001 audits, in addition to:
- individuals who would like to become ISMS Registered Lead Auditors
- audit team leaders.
On successful completion of this ISO/IEC 27001 Lead Auditor Training Course, delegates will be able to:
- Understand the role of audits within the ISMS and the role of auditors in effecting continual improvement
- Plan audits, including analysis of factors determining audit frequencies and using audit checklists
- Conduct audits, including interviewing techniques and methods for data collection
- Finish audits, including closing meetings, nonconformity assessment and nonconformity report writing
- Understand the difference between, and complete, first, second and third-party audits
Successful delegates will also receive an internationally recognised certificate from CQI IRCA, the Chartered Body for Quality Professionals and Register of Certificated Auditors – enabling them to apply with the International Register of Certificated Auditors, increasing their reputation as an auditor.