PQI | AASTMT
Friday, 29th March, 2024

Information Security Management Systems Lead Auditor Course


This course enables participants to develop the expertise needed to audit an Information Security Management System (ISO 27001) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.

During the training, the participant will acquire the knowledge needed to plan and perform audits compliant with the certification process of the ISO 27001 standard. Through an exciting accelerated learning approach, participants follow the stages of a live audit, including simulated audit interviews and role-plays.

The participant will be able to develop the abilities needed to master audit techniques, and the skills for managing audit teams and audit programs, communicating with customers, conflict resolution, etc. This course meets the training requirements for those seeking registration as an auditor under the CQI|IRCA Auditor Registration scheme.

Course Objectives

  • Understand the application of the Information Security Management System in the ISO 27001 context.
  • Understand the relationship between the Information Security Management System, including the management of risks and controls, and the various stakeholders.
  • Understand audit principles, procedures and techniques, and be able to apply them in the audit framework.
  • Understand the legal, statutory or contractual obligations relevant during an ISMS audit.
  • Acquire the personal skills required to perform an audit in an effective and cost-effective manner, and to manage an audit team.
  • Prepare and complete an ISO 27001 audit report.

Course Contents

  • Introduction and overview of Information Security Management Systems.
  • ISO 27001 Structures.
  • Information Security Risk Assessment.
  • Introduction to Audit.
  • Audit Planning and Preparation.
  • Conduct the Audit.
  • Audit Review, Reporting and Follow-up.

Duration

  • 5 Days / 40 Hrs.

Course Prerequisite:

Delegates must have the following prior knowledge:
  • Understand the Plan-Do-Check-Act (PDCA) cycle.
  • Awareness of the need for information security.
  • The assignment of responsibility for information security.
  • Incorporating management commitment and the interests of stakeholders.
  • Enhancing societal values.
  • Using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk.
  • Incorporating security as an essential element of information networks and systems.
  • The active prevention and detection of information security incidents.
  • Ensuring a comprehensive approach to information security management.
  • Continual reassessment of information security and making of modifications as appropriate.
  • The requirements of ISO/IEC 27001 (with ISO/IEC 27002) and the commonly used information security management terms and definitions, which may be gained by completing an IRCA certified ISMS Foundation Training course or equivalent.

Certification

  • Delegates shall be awarded a certificate of successful completion for passing the written examination and the continual assessment.
  • Unsuccessful delegates shall receive a certificate of attendance approved by AASTMT.
  • Successful delegates shall receive a certificate approved by CQI|IRCA.

Teaching Language

  • English / Arabic

Location

  • Productivity and Quality Institute or Company Headquarters

Instructor/Trainer Qualification

  • Fulfills CQI|IRCA requirements for this scheme.
