This two-day course has been developed to help information security managers, or those responsible for implementing ISO 27001, conduct internal audits against ISO 27001:2013 requirements, based on a six-stage approach to ensure best practices within the organisation.
This course will explain the role and responsibilities that an auditor must consistently demonstrate, including the need to display fairness, integrity, confidentiality and a focus on evidence-based decision making.
Who should attend?
- Any individual responsible for managing an organisation’s information security
- Individuals required to perform internal audits of ISMS against ISO 27001 requirements
- Any experienced auditor looking to extend their role into information security.
What will you learn?
- The structure and content of ISO 27001
- Protect your organisation from a breach in information security
- Internal ISMS audits - role and contribution
- Role and responsibilities of an internal ISMS auditor
- Plan your audits by developing effective checklists
- Verify the conformity of your current practices
- Improve the stability and robustness of your ISMS
- Planning, seeking objective evidence, reporting findings accurately and ensuring that corrective action has been applied and followed up when necessary
- To plan, perform and report on your overall performance.
What do you need to prepare?
- Knowledge of the types of data held by your organisation and the methods used to store and process this data
- A good understanding of ISO 27001 and its requirements
- The knowledge presented in LR’s Introduction to ISO 27001:2013 requirements and ISO 27001:2013 Implementation courses.
- 13.5 CPD hours
- Training course materials
- Lunch and refreshments for public attendees only
- Certificate of attendance.
Your future development
- ISO 27001:2013 Lead Auditor CQI & IRCA certified
- GDPR Data Protection Officer Workshop
- Data Protection Impact Assessment Workshop.