ISO 27001 Auditor / Lead Auditor

You need this course if

  • you wish to expand your knowledge about effective audit practices, or to build on your existing auditing experience, especially in auditing information security management systems and their related processes and procedures
  • you want to audit your existing ISMS processes for effectiveness and improvement
  • you are a consultant providing advice on ISO/IEC 27001:2013 and require formal training and recognition through IRCA
  • you are a security or quality professional who wishes to add ISO/IEC 27001:2013 to your skill set

You will learn

Through a highly interactive, approved International Register of Certificated Auditors (IRCA) course containing many practical examples, with the ability to learn through practice built into the course. The course covers:
  • the importance of information security for the organisation and its customers
  • how to review the typical documentation an organisation would prepare to meet the requirements of ISO/IEC 27001:2013, and how to produce a practical, value-added documentation audit report
  • how to audit selected security controls
  • how to plan, conduct and conclude a practical audit of a security-related organisation
  • how to control and work with an audit team, with practical examples related to an ISMS audit
  • to gain the skill to audit processes and their interaction with other processes
  • to report findings accurately and factually in terms that are valued by management
  • to evaluate corrective actions effectively to eliminate causes of problems

You will need

Knowledge of ISO/IEC 27001:2013 prior to attending this course; in particular, you must have prior knowledge of the following information security management principles and concepts:
  • the Plan-Do-Check-Act cycle
  • the need for information security (i.e. within your organisation/sector)
  • assignment of responsibility for information security (i.e. organisational structure and determination of responsibilities)
  • management commitment and the interests of stakeholders (i.e. within your organisation/sector)
  • enhancing societal values (i.e. data security, privacy, personal security and governance)
  • using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk
  • incorporating security as an essential element of information networks and systems
  • active prevention and detection of information security incidents
  • ensuring a comprehensive approach to information security management
  • continual reassessment of information security and making modifications as appropriate

You will also need to complete approximately 2 hours of pre-course work prior to attending the course.

Your future development

  • to gain IRCA auditor status 
  • this course meets the training requirements for certification as an IRCA ISMS auditor
  • LRQA business improvement courses

Course length

5 Days
Venue: Theobalds Park, Hertfordshire