This course aims to provide participants with the knowledge and skills necessary to carry out audits of management systems against ISO 27001.
Upon completion of this course, delegates will be able to:
Explain the purpose of an information security management system (ISMS) and explain the processes involved in establishing, implementing, operating and monitoring, reviewing and improving an ISMS as defined in ISO 27001, including the significance of these for ISMS auditors;
Explain the purpose, content and interrelationship of ISO 27001, ISO/IEC 17799 and ISO 19011, ISO/IEC TR 13335 Parts 3 and 4 (GMITS), EA 7/03 and the legislative framework relevant to an ISMS;
Explain the role of an auditor to plan, conduct, report and follow up an ISMS audit in accordance with ISO 19011;
Interpret the requirements of ISO 27001 and EA 7/03 in the context of an ISMS audit;
Undertake the role of an auditor to plan, conduct, report and follow up an audit in accordance with ISO 19011.
Profile:
The objective of each course is to equip delegates with the knowledge and skills required to perform audits of information security management systems against the national and international specifications, standards, statutory requirements and regulations using the principles of ISO 19011.
The course is not intended to be an implementer’s course and delegates are expected to have some prior experience of information security management or of ISO 27001.
This course is certificated by the IRCA. Course number: A17179.
CONTACT
SGS United Kingdom Ltd
Training Services
FREEPOST SCE7430
Camberley
Surrey, GU15 3BR
United Kingdom