Course facts

Understanding how an information security management system based on ISO/IEC 27001 works
Understanding the relationships between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulations
Understanding the role of an auditor: planning, performing and following up an ISO 19011 management system audit
Leading an audit and an audit team
Interpreting the requirements of ISO/IEC 27001 in the context of an ISMS audit
Acquiring the skills of an auditor: planning, conducting, reporting and following up an ISO 19011 audit

Day 1: Introduction to Information Security Management Systems (ISMS) and ISO/IEC 27001

Day 2: Audit principles, preparation and launching of an audit

Day 3: On-site audit activities

Day 4: Closing the audit

Day 5: Certification Exam

This training is based on both theory and best practices used in ISMS audits :

Lecture sessions are illustrated with examples based on case studies
Practical exercises are based on a case study which includes role playing and discussions
Practice tests are similar to the Certification Exam

Auditors seeking to perform and lead Information Security Management System (ISMS) certification audits
Managers or consultants seeking to master an Information Security Management System audit process
Individuals responsible for maintaining conformance with Information Security Management System requirements
Technical experts seeking to prepare for an Information Security Management System audit
Expert advisors in Information Security Management

A fundamental understanding of ISO/IEC 27001 and comprehensive knowledge of audit principles, equivalent to the training :

Training material containing over 600 pages of information and practical examples will be distributed.