Menu Close
  • Home
  • ISO 27001: 2013 Lead Auditor
    •

ISO 27001: 2013 Lead Auditor

0 Comments

This course is intended to qualify ISO 27001:2013 auditors to conduct effective audits of an organization’s information security management system.

Understand the requirements of ISO 27001:2013 to be able to conduct a successful audit. The course includes hands-on workshops to prepare you for real-life auditing situations. You’ll learn to manage the audit process and complete reporting.

This course is being offered in cooperation with DEKRA AQS, an Exemplar Global certified provider.

Questions? We Can Help.

Course Data

  • CEU Hours : 0
  • Length : 34 Hours
  • ASQ RU : 3.4
  • Audience : Practitioner, Professional
  • Provider : ASQ

Learning Objectives:

  • Interpret and apply the ISO 27001:2013 requirements
  • Recognize relationship between ISO 27000, ISO 27001, and ISO 27002
  • Define information security management (ISMS) terminology
  • Demonstrate how ISMS planning, policy, objectives, and processes are implemented
  • Explain the difference between legal compliance and conformity
  • Define the relationship between an organization’s operational informational security requirements and the ISO 27001:2013 standard
  • Assess effectiveness of an organization’s information security risk assessment methodologies
  • Evaluate risk assessment and risk treatment results to ensure they are appropriately identified within the organization’s statement of applicability
  • Apply auditing principles, procedures, and methods identified in ISO 19011:2018
  • Establish audit objectives for the audit program
  • Determine the feasibility of an audit
  • Prepare work documents for an audit
  • Apply all aspects of the on-site audit activities
  • Define audit roles and responsibilities
  • Document audit results, findings, and conclusions
  • Identify and apply sampling techniques
  • Develop an audit plan
  • Demonstrate effective communication and interview skills
  • Identify roles and responsibilities of audit team leaders
  • Incorporate audit objectives, scope, and criteria into audit planning
  • Select audit team members and assign tasks
  • Identify, evaluate, and address risks in an audit plan
  • Develop and manage the opening and closing meetings
  • Resolve conflict during an audit
  • Prepare an audit report to address all findings during an audit
  • Perform audit follow-up activities
  • Apply remote auditing methods

Prerequisites:

All attendees are required to bring their own copy of the ISO/IEC 27001:2013: Information technology – Information security management systems – Requirements to this training and ISO/IEC 27002:2013: Information technology – Security techniques – Code of practice for information security controls. Copies will not be provided for you.

Who Should Attend:

Those responsible for planning and scheduling an internal audit program for ISO 27001:2013 and those who must perform audits to ISO 27001:2013, management representatives, security consultants, IT professionals, information security officers, managers, or anyone interested in conducting first-party, second-party, or third-party audits.

Day One

  • Introduction to information security (IS)
  • Benefits of an ISMS
  • ISO 27000 family of documents
  • ISO 27001 standard
  • ISO 27001 annex list of controls

Day Two

      • Controls in ISO 27002
      • Evaluate effectiveness of information security management system (ISMS)
      • Information security risk assessment methodologies
      • Analyze controls in Statement of Applicability as they relate to treatment of risk
      • Organization’s monitoring, measurement, analysis, and evaluation activities
      • Legal compliance and conformity
      • Apply standard and annex to scenarios

Day Three

        • Management system audits
        • Types of audits
        • Audit approaches
        • Audit objectives, scope, and criteria
        • Audit risks and opportunities
        • Roles and responsibilities
        • Audit techniques
        • Audit cycle

Day Four

          • Audit team leaders
          • Audit plan
          • Combined audits
          • Conduct audits
          • Opening meetings
          • Team briefings
          • Closing meeting
          • Audit report
          • Audit follow-up

ASQ reserves the right to cancel or re-schedule courses and to change instructors. Please be advised that in the event of a course cancellation, ASQ is not responsible for airfare penalties or other travel related expenses you may incur.

If you need to cancel, we will refund your paid registration fee as noted below.

  • Requests for cancellations/transfers received at least 5 business days before the start of the course receive a full refund/transfer.
  • Requests received within 5 business days of the course starting incur a $150 processing fee.
  • After the course starts, there are no refunds or transfers.
  • Registrants who fail to attend without advance notice are liable for the entire course fee.
  • If you cannot find a substitute, we can transfer your course fees to another ASQ course of your choice.

 

Related posts:

f17ca3tavvu06fxuxuoo-8461032ISO/IEC 27001 man-giving-business-presentation-using-high-technology-digital-pen_53876-104783-3217653ISO 27001 Certification Simplified test2_0-2481644ISO 27001 Lead Auditor information security management training ddls_and_pecb_partner_to_deliver_iso_27001_information_security_training_in_australia_-_rise_in_adoption_-_blog_image_-_1920-2349347ISO 27001 Lead Auditor

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *