ISO 27001 Auditor / chief auditor of information security management systems.

audience-icon.png

Target audience.

ISMS auditor candidates; practicing ISMS auditors; enterprise managers; specialists responsible for the development, implementation, monitoring, maintenance, analysis, and improvement of ISMS and those responsible for the integration of ISMS with other management systemsнту.

target-yellow.png

Purpose of the course.

This course provides training in the principles and methods of auditing information security management systems (ISMS) that are required for audits to establish compliance with international standard ISO / IEC 27001: 2013.


In this course, you will study:

  • Basic requirements for an information security management system

  • Audit terminology

  • Audit methodology and practice

  • Skills of auditing for certification authorities

  • Skills to obtain ISO / IEC 27001:2013 qualification

clock-icon.png

Details.

Duration of studies: 5 days / 40 hours
Language of instruction: Russian
Language of materials and test: Russian

This course package includes:
- Certified trainer
- Texts
- Test
- After passing the test, a certificate will be issued confirming the acquired competence of lead auditor. Those who obtain this certification will be able to register in IRCA, the international database of auditors.


The test is administered on the last day of the course.

program-yellow.png

Program outline.

  • This program will provide you with an understanding of information security, ISMS audits, the audit process, internal and external audits, audits by first, second, and third parties, audit plans, observations, inconsistencies, material evidence, and follow-up audits. It will also provide an overview of management systems.

  • ISMS audit objectives and advantages

  • Risk management

  • Five stages of an audit

  • Significant factors determining the audit plan

  • Audit preparation

  • Preparing an audit checklist

  • Interviewing during the audit, monitoring processes, and studying documentation to obtain objective confirmation of the current status of the management system

  • Preparation of conclusions on inconsistencies to initiate appropriate corrective actions

  • Preparation and submission of verbal and written audit reports

  • Decisions on the need for further audits

  • Evaluation of corrective action plans