CQI and IRCA Accredited Information Security Management System (ISO 27001:2013 ) Lead Auditor Course
Information Security is vital for an organization to maintain its competitive edge. It is also therefore, an area of an organization’s operations which most needs control. Implementing a vigorous and repeatable Information Security auditing process ensures minimizing of external and internal security threats while maximizing customer trust and corporate profits.
CQIMC Training has designed this ISMS Auditor/Lead Auditor Training Course (in accordance with CQI and IRCA Guidelines) to help delegates fully understand and implement effective information security and management system practices.
Aims of the course
The aim of this course is to provide students with the knowledge and skills required to perform first, second and third-party audits of information security management systems against ISO/IEC 27001 (with ISO/IEC 27002), in accordance with ISO 19011 and ISO 17021, as applicable. All references in this document to ISO standards are to the current versions unless otherwise stated.
ISMS Lead Auditor certification
Delegates who successfully complete this ISMS Auditor/Lead Auditor course (within the three years prior to making an application to become a certificated auditor) will satisfy the training requirements for initial certification as an IRCA ISMS auditor.
On completion, successful students will have the knowledge and skills to:
Explain the purpose and business benefits of an information security management system, of information security management systems standards, of management system audit and of third-party certification .
Plan, conduct, report and follow up an audit of an information security management system to establish conformity (or otherwise) with ISO/IEC 27001 (with ISO/IEC 27002) in accordance with ISO 19011 (and ISO 17021 where appropriate).
After attending this course delegates will be able to define the following terms:
- Explain the purpose and the benefits of ISMS system audits
- Explain the need for auditor independence
- Explain the phases of a structured audit
- Identify the factors which are important to consider when compiling an audit schedule
- Prepare to conduct an audit
- Prepare an audit checklist
- Conduct audit interviews, observe processes and examine documents to obtain objective evidence about the status of a ISMS system
- Prepare statements of non-conformity to enable appropriate corrective action to be initiated
- Prepare and present verbal and written audit reports
- Decide on an appropriate follow-up audit
- Evaluate corrective action plans