Beroepsbeeld: waar werk je en wat doe je?This fully accredited interactive classroom course covers the nine key steps involved in planning, implementing and maintaining an ISO 27001-compliant information security management system (ISMS). This certificated, practitioner-led course equips you with the skills to lead an ISO 27001-compliant ISMS implementation project.
PCI SSC has indicated that it accepts GASQ certifications in relation to the IBITGQ courses as meeting the requirements of an individual applying to become a Payment Card Industry Data Security Standard (PCI DSS) Qualified Security Assessor (QSA).
Attendees take the ISO 27001 Certified ISMS Lead Auditor (CIS LA), ISO 17024-certificated, exam set by IBITGQ at the end of the course. This is a 90-minute multiple-choice online exam, consisting of 40 questions. Candidates need to achieve a minimum of 65% to pass. There is no extra charge for taking the exam.
OpleidingsinhoudThe ISO 27001 Certified ISMS Lead Auditor course outline
This fully accredited course equips you with the skills to conduct second-party (supplier) and third-party (external and certification) Information Security Management System audits. It covers the best-practice audit methodology based on ISO 19011 allowing you to master audit techniques.
Packed full of hands on practical exercises you will gain the skills and expertise needed to competently manage an ISMS audit program. Build your career as a lead auditor, lead a team of auditors and achieve compliance with ISO 27001.
At the end of the course you sit the ISO 27001 Certified ISMS Lead Auditor exam. You can demonstrate your professional and practical knowledge and expertise by registering your qualification on the GASQ successful candidate register.
This course is also accredited by the Institute of Information Security Professionals (IISP), and satisfies the IISP Skills Framework requirements at Level 1: A1, A3, A7, C1, C2, D2, E3, F2, H1 and H2; and at Level 1+: A2, A4, A5, A6, B1, B2, D1, E1, E2, F1 and G1
What does the ISO 27001 Certified ISMS Lead Auditor course cover?
- An overview of the structure and major requirements of ISO/IEC 27001.
- An overview of the audit process used by certification bodies.
- The purpose, benefits and core principles of effective auditing.
- Common auditing terms and definitions.
- Critical skills required for performing an audit.
- Best-practice audit methodology based on ISO 19011.
- How to establish, maintain and manage an audit programme.
- How to plan, conduct, report, summarise and follow-up on an audit.
- Effective interviewing techniques and observation skills.
- How to use audits to identify nonconformities and ensure appropriate corrective action is taken.
- How to assess and evaluate the competence of auditors.
- Accredited certification audit specifics.
- How the audit process is used in first, second and third-party audits.
- How to apply continual improvement of the ISMS.
Toelatingseisen: wat heb je nodig?Before joining this course, you need to have attended the ISO27001 Certified ISMS FoundationISO27001 Certified ISMS Lead Implementer training course or, you have a good working knowledge of ISO 27001 gained through practical experience.
KostenWhat’s included in this course?
- A professional training venue;
- Lunch and refreshments;
- Full course materials (digital copy provided as a PDF file);
- The ISO 27001 ISMS Lead Auditor exam; and
- A certificate of attendance.
- Purpose and benefits of audits
- Role of auditors
- Role of standards in audits
- Audit terms and definitions
- Principles of auditing<
- Managing an audit programme
- Performing an audit
- Observing and listening
- Reporting and Summarising Audit Findings
- Conducting Audit Follow-up
- Competence and Evaluation of Auditors
- Accredited Certification Audit specifics
- Auditing an Information Security Management System to ISO 27001:2013