This course is intended to provide participants with a practical and systematic way to conduct internal audit of ISMS based on the ISO 27001:2005.
Participants will learn to perform a process approach value adding audit as well as learn an effective technique to improve your ISMS performance.
Course Outline
- Recap of ISO 27001:2005 requirements
- ISMS audits vs QMS / EMS / OHMS audits
- Effective techniques in ISMS audits
- Auditor attributes
- Audit planning
- Audit execution
- Opening meeting
- Gathering objective evidence
- Evaluating audit findings
- Closing meeting
Who should attend
IT security professionals, management staff responsible for information security as well as all other professionals and executives responsible to conduct ISMS internal audits.
Training Methodology
More than 40% of time will be spent on Highly interactive case studies, role plays and practical exercises.
Delegate assessment shall be based on a written examination of one hour. All questions in the written examination shall be attempted and the pass mark is 70 out of 100 marks.
A certificate of achievement will be issued to delegates who successfully meet the course requirements.
A certificate of achievement will be issued to delegates who
successfully meet the course requirements. |
