The aim of this course is to provide students with the knowledge and skills required to perform first, second and third-party audits of information security management systems against ISO/IEC 27001 (with ISO/IEC 27002), in accordance with ISO 19011 and ISO 17021, as applicable.
This course has been registered and certificated by the CQI IRCA Governing Body and satisfies the formal training requirements for individuals seeking registration under CQI IRCA or other auditor certification schemes.
Participant evaluation is through continuous assessment during the training course and an examination (2 hours) at the end of the course. A ‘Certificate of Achievement’ will be awarded to participants who passes both continuous assessment and the written examination.
Upon successful completion of the course, attendees will have the knowledge and skills to:
- Explain the purpose and business benefits of an information security management system standards, management system audits and of third-party certification.
- Explain the role of an auditor to plan, conduct, report and follow up an information security management system audit and or establish conformity (or otherwise) with ISO/IEC 27001 (and ISO/IEC 27002) in accordance with ISO 19011 and ISO 17021 where appropriate.
For successful completion of this course, it is expected that you have prior knowledge of the following management principles and concepts:
- The PDCA cycle
- Information management system
- Knowledge of the requirements of ISO 27001 and the commonly used Information security management system terms and definitions, as given in ISO 27000, which may be gained by completing a foundation training course in ISO 27001:2013.
This course is recommended for anyone who is planning to perform internal audits/preparing to become an external auditor of Information security management systems. Training can be done in classroom or online. For the online exams a LAN connection and webcam are required.
All our public courses can also be delivered in-house at your premises either as standard or tailored depending on the needs and requirements of your business.
To find out which training courses we offer in your country, click on "Find a local course", select your country and navigate to Information security and service; or Contact us if you are interested or want to know more on in-house courses.