This intensive course that includesoptional exam on the final afternoonenables participants to develop the expertise needed to audit an Information Security Management System (ISO 27001) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques. During the training, the participant will acquire the knowledge needed to plan and perform audits compliant with the certification process of standard 27001:2005. Based on practical exercises, the participant will be able to develop the abilities (mastering audit techniques) and skills (managing audit teams and audit program, communicating with customers, conflict resolution, etc.) necessary to the conduct of an audit. The training is based on management system audit guidelines (ISO 19011:2002) as well as international audit best practices: the International Federation of Accountants (IFAC), the American Institute of Certified Public Accountants (AICPA), the Information Systems Audit and Control Association (ISACA) and the Institute of Internal Auditor (IIA). An audit kit developed by experienced auditors will be distributed to participants.
Students should have basic knowledge of ISO 27001 and ISO 27002 standards is recommended.
5 Days/Lecture & Lab
-Persons wanting to lead ISO 27001 certification audits as the person in charge of an audit team -Consultants wanting to prepare and support a company in an audit certification ISO 27001 -Internal advisors to a company or internal auditor who wants to prepare and support his company in a certification audit ISO 27001 -Persons in charge of information security or conformity internally for the organization -Expert advisors in information technology
- Introduction to the management of an Information Security Management
- Launching an ISO 27001 audit
- Conducting an ISO 27001 audit
- Closing an ISO 27001 audit
- Review and Examination