Log In
SiteHeart
 
Home Training Services Governance and Risk ISO 27001 Information Security Courses

ISO 27001 Lead Auditor

Mastering the Audit of an Information Security Management System (ISMS) Based On ISO/IEC 27001, In Compliance With the Requirements of ISO 19011 and ISO 17021

Course Fact Sheet – ISO/IEC 27001 Information Security Management System (ISMS)

PECB Certified Lead Auditor

5 days course

 

This five-day intensive course enables the participants to develop the expertise needed to audit an Information Security Management System (ISMS), and manage a team of auditors by applying widely recognized audit principles, procedures and techniques. During this training, the participants will acquire the knowledge and skills needed to proficiently plan and perform internal and external audits in compliance with certification process of the ISO/IEC 27001 standard. Based on practical exercises, the participants will develop the skills (mastering audit techniques) and competencies (managing audit teams and audit program, communicating with customers, conflict resolution, etc.) necessary to conduct an audit efficiently.

 

 

Course Structure

A combination of tutorials, syndicate exercises and role-play, including the following topics:

Day 1: Introduction to Information Security Management System (ISMS) concepts as required by ISO/IEC 27001

  • Normative, regulatory and legal framework related to Information   Security
  • Fundamental principles of Information   Security
  • The ISO/IEC 27001 certification process
  • Detailed presentation of the clauses of ISO/IEC 27001

Day 2: Planning and initiating an ISO/IEC 27001 audit

  • Fundamental audit concepts and  principles
  • Audit the approach based on evidence and on risk
  • Preparation of an ISO/IEC 27001 certification  audit
  • Documenting of an ISMS audit

Day 3: Conducting an ISO/IEC 27001 audit

  • Communication during the  audit
  • Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation
  • Drafting test plans
  • Formulation of audit findings, drafting of nonconformity reports

Day 4: Concluding and ensuring the follow-up of an ISO/IEC 27001 audit

  • Audit  documentation
  • Conducting a closing meeting and conclusion of an ISO/IEC 27001  audit
  • Evaluation of corrective action  plans
  • ISO/IEC 27001 surveillance audit and audit management program

Day 5: Certification Exam

 

Learning Benefits

  • To acquire expertise of performing an ISO/IEC 27001 internal audit, following the ISO 19011 guidelines
  • To acquire expertise of performing an ISO 27001 certification audit, following the ISO 19011 guidelines and the specifications of ISO 17021 and ISO 27006
  • To acquire necessary expertise for managing an ISMS audit team
  • To understand the operation of an ISO/IEC 27001

 

Audience

  • Internal auditors
  • Auditors wanting to perform and lead an ISMS certification   audits
  • Members of an Information Security  team
  • Technical experts wanting to prepare for an Information Security audit   function

 

Prerequisites

 

Delegates are expected to have the following prior knowledge:

Management systems

Understand the Plan-Do-Check-Act (PDCA) cycle.

Information security management (Knowledge of the following information security management principles and concepts):

  • Awareness of the need for information security;
  • the assignment of responsibility for information security;
  • incorporating management commitment and the interests of stakeholders;
  • enhancing societal values;
  • using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk;
  • incorporating security as an essential element of information networks and systems;
  • the active prevention and detection of information security incidents;
  • ensuring a comprehensive approach to information security management;
  • Continual reassessment of information security and making of modifications as appropriate.

ISO/IEC 27001

Knowledge of the requirements of ISO/IEC 27001 (with ISO/IEC 27002) and the commonly used information security management terms and definitions, as given in ISO/IEC 27000.

 

 

Examination Information

The “PECB Certified ISO/IEC 27001 Lead Auditor” exam fully meets the requirements of the PECB Examination and Certification Program (ECP). The exam covers the following competence domains:

Domain 1: Fundamental principles and concepts in Information   Security

Main Objective: To ensure that the ISO/IEC 27001 Lead Auditor candidate can understand, interpret and illustrate the main Information Security concepts related to an Information Security Management System   (ISMS)

 

Domain 2: Information Security Management System (ISMS)

Main Objective: To ensure that the ISO/IEC 27001 Lead Auditor candidate can understand, interpret and illustrate the main concepts and components of an Information Security Management System based on ISO/IEC 27001

 

Domain 3: Fundamental Audit Concepts and Principles

Main Objective: To ensure that the ISO/IEC 27001 Lead Auditor candidate can understand, interpret and apply the main concepts and principles related to an ISMS audit in the context of ISO/IEC 27001

 

Domain 4: Preparation of an ISO/IEC 27001 audit

Main Objective: To ensure that the ISO/IEC 27001 Lead Auditor candidate can prepare appropriately an ISMS audit in the context of ISO/IEC 27001

 

Domain 5: Conduct of an ISO/IEC 27001 audit

Main Objective: To ensure that the ISO 27001 Lead Auditor candidate can conduct efficiently an ISMS audit in the context of ISO/IEC 27001

 

Domain 6: Conclusion and follow-up of an ISO/IEC 27001 audit

Main Objective: To ensure that the ISO/IEC 27001 Lead Auditor candidate can conclude an ISMS audit, and conduct the follow- up activities in the context of ISO/IEC 27001

 

Domain 7: Management of an ISO/IEC 27001 audit program

Main Objective: To ensure that the ISO/IEC 27001 Lead Auditor understands how to establish and manage an ISMS audit program

  • The “Certified ISO/IEC 27001 Lead Auditor” exam is available in different languages, such as English, French, Spanish and Portuguese
  • Duration: 3 hours

 

Certification

  • After successfully completing the exam, participants can apply for the credentials of PECB Certified ISO/IEC 27001 Provisional Auditor, PECB Certified ISO/IEC 27001 Auditor or PECB Certified ISO/IEC 27001 Lead Auditor depending on their level of experience. Those credentials are available for internal and external  auditors
  • A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential

 

 

  Location Start Date End Date Duration Availability Price
Dubai 2017-07-02 2017-07-06 5 days Available
$2,950.00

Dubai 2017-09-03 2017-09-07 5 days Available
$2,950.00

Dubai 2017-10-29 2017-11-02 5 days Available
$2,950.00

Dubai 2017-12-17 2017-12-21 5 days Available
$2,950.00


You are here: Home Training Services Governance and Risk ISO 27001 Information Security Courses