Designed for people who wish to conduct external audits on behalf of assessment bodies for ISO 27001 certification, but also suitable for those who need to conduct thorough internal audits on behalf of their own organisation.
To give a basic understanding of:
- The purpose of an ISMS and the processes involved in establishing, implementing, operating, monitoring, reviewing and improving an ISMS as defined in ISO 27001, including the significance of these for ISMS auditors
- The purpose, content and interrelationship of ISO 27001:2013, the international standard ISO 17799:2005, ISO/IEC 13335 Parts 1 & 2 (MICTS), ISO/IEC TR 18044:2004, EA 7/03 and the legislative framework relevant to an ISMS
- The role of an auditor to plan, conduct, and follow up an ISMS audit in accordance with ISO 19011 and the guidance criteria contained in EA 7/03
- Interpret the requirements of ISO/IEC 27001 & EA 7/03 in the context of an ISMS audit
- Undertake the role of an auditor to plan, conduct, report and follow up an ISMS audit in accordance with ISO 19011
- Delegates who gain a pass mark in the examination will be deemed to have met the training requirements for registration as an Auditor/Lead auditor
IRCA prior knowledge requirements (IRCA 2245)
Before starting this course, delegates are expected to have prior knowledge of information security management and management system auditing.