ISO/IEC 27001:2022 Information Security Management Systems Auditor / Lead Auditor Training Course

Description

Description
The objective of this course is to provide you with the knowledge and skills required to perform first, second and third-party audits of Information Security Management Systems (ISMS) against ISO/IEC 27001:2022 (with ISO/IEC 27002), in accordance with ISO 19011 and ISO/IEC 17021, as applicable.

IRCA Accreditation
We are accredited by the International Register of Certified Auditors (IRCA) globally. This course is accredited by IRCA, reference number 2549 - PR 373.

Objectives

Learning Objectives
Upon completion of this course, you will be able to:

Explain the purpose and business benefits of a ISMS, of information security management systems standards, of management system audit and of third-party certification.
Explain the role of an auditor to plan, conduct, report and follow-up an ISMS audit in accordance with ISO 19011 and ISO/IEC 17021, where appropriate.
Plan, conduct, report and follow up an audit of an ISMS to establish conformity or otherwise with ISO/IEC 27001 (with ISO/IEC 27002) in accordance with ISO 19011 and ISO/IEC 17021 where appropriate.

You will need to demonstrate acceptable performance in each of these areas in order to complete the course successfully.

Prior Knowledge
Before starting the course, you are expected to have the following prior knowledge:

Management systems;
Understand the Plan-Do-Check-Act (PDCA) cycle;
Information security management;
Knowledge of the following information security management principles and concepts:
Awareness of the need for information security;
The assignment of responsibility for information security;
Incorporating management commitment and the interests of stakeholders;
Enhancing societal values;
Using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk;
Incorporating security as an essential element of information networks and systems;
The active prevention and detection of information security incidents;
Ensuring a comprehensive approach to information security management;
Continual reassessment of information security and making of modifications as appropriate.

ISO/IEC 27001:2022: Knowledge of the requirements of ISO/IEC 27001 (with ISO/IEC 27002) and the commonly used information security management terms and definitions, as given in ISO/IEC 27000 (overview and vocabulary), which may be gained by completing an CQI and IRCA certified ISMS Foundation Training Course or equivalent.

Audience

This course is designed for:

Auditors, consultants, managers and employees involved in the implementation of ISO/IEC 27001:2022 in organisations

Click here to view available offerings

Virtual Class (2 Classes) 40 Hours

Identifier102254138Delivery LanguageEnglish