Internal Auditor Training
ISO 27001:2013 Information Security Management Systems (ISMS)
On successfully completing the course, delegates will be capable of performing effective internal audits of a company’s information security management systems and reporting the outcome.
They will be able to audit a company’s information security management system and determine whether or not it meets the requirements of the relevant audit criteria.
The course covers details of the requirements of ISO/IEC 27001:2013 and auditing requirements as per ISO 19011:2011).
At the conclusion of this course delegates will have been provided with:
- • an understanding of the structure of the standard
- • an understanding of the underlying philosophy and the principles, concepts and requirements of information Security and how to apply them within an audit context
- • An appreciation of the importance of controlling Information Security in all types of business activities
- • A basic knowledge of Information Security Issues
- • An appreciation of Risk Analysis process
- • A detailed review and interpretation of the main requirements of ISO IEC 27001:2013
- • Insight of the importance of Information Security Legislation
- • Expertise on how to use Annexure A of ISO/IEC 27001:2013
- • An appreciation of documented management systems to control Information Security
All levels of company members from Chief Executive to Workforce. This course is not only a requirement for those who are to be used for internal information security audits, but also an essential course for Senior Management, Information Security Managers and Line Management who wish to have and be part of a successful and effective Information Security System.
No Prior knowledge is required. However, if one has prior experience/ knowledge of a Management System (such as ISO9001 or ISO14001) or familiarity with Information Security Issues, this could be an added advantage but this is not compulsory.
Courses are held at various locations but, if requested, can be held at your premises. Please contact your local office for details.
- • Recap of ISMS concepts and principles- Information Asset, Risk, Risk Assessment, Threat, and Vulnerability.
- • Detailed Review of ISO/IEC 27001:2013 - Examination of requirements of the standard
- • Review Annexure A of ISO/IEC 27001:2013 along with significant changes.
- • Consolidate learning through Quiz on ISO/IEC 27001:2013 and Exercise on new elements of Annexure-A
The maximum number of delegates for this course is 20, the minimum number is four.
This is a 2 days course
For more details or any course registration please contact: