Conducting regular internal audits of your information security management system (ISMS) is crucial to its success, whether the organization is adhering to or certified against ISO/IEC 27001. Auditing the ISMS is also a requirement of the standard.
The ISO 27001 ISMS Internal Auditor training is a two-day course that begins with the concept of information security management, the requirements of the ISO/IEC 27001:2013 certification standard, and its relation to the ISO 27000 series of standards for information security management. You will also be taught how to manage the entire internal audit process, from planning, scheduling and conducting the audit to writing your internal audit report.
This Internal Auditor course is based on the principles of ISO 19011:2011. It is designed for you to understand and conduct internal audit assessments of the ISO/IEC 27001:2013 certification standard.
At the end of this course, participants should be able to:
- Gain an understanding of ISO 27001 ISMS requirements
- Prepare, conduct and follow up on ISMS audit activities
- Evaluate and manage the security policies and practices of the organization
Course Outline
- Session 1
  - Introduction to information security management systems
  - Objectives and benefits of an ISMS
  - Fundamental concepts and principles of the ISMS
  - Fundamental audit concepts and principles
  - The ISMS Audit Planning
  - The ISMS Audit Preparation
- Session 2
  - Conducting an ISMS Audit
  - Recording the audit results
  - Presenting reports
  - Conducting Audit Follow-Up
  - Preparing for Certification
Course Duration
- 2 half days – online
Delivery Methodologies
- Instructor-led online lectures
This course is recommended for
- Managers or executives responsible for the security and confidentiality of their business-critical information.
- Internal Auditors
- Information Security Personnel
- People who wish to understand and conduct internal audit assessments against ISO/IEC 27001.