The purpose of this course is to equip delegates with the knowledge and skills needed to perform internal audits on information security management systems and to contribute to the continual improvement of the management system. Delegates are expected to have knowledge of information security management systems and ISO/IEC 27001:2013 before attending this course. The background knowledge is provided on the Information Security Management Systems Introduction and Awareness Course.
This course comprises presentations, workshops and role-play exercises.
Pre-knowledge requirements:
Before beginning this course, we recommend that delegates have knowledge of the following:
1. Management Systems - In particular, an understanding of the Plan-Do-Check-Act (PDCA) cycle.
2. Information Security Management - A basic knowledge of the concepts of information security management and an understanding of commonly used information security management terms and definitions, as given in ISO/IEC 27000.