Master the Audit of Information Security Management Systems (ISMS) based on ISO/IEC 27001 - OPEN COURSE


Agenda

Day 1: Introduction to the information security management system (ISMS) and ISO/IEC 27001

  • Introduction to management systems and the process approach

  • Training course objectives and structure

  • Standards and regulatory frameworks

  • Certification process

  • Fundamental concepts and principles of information security

  • Information security management system (ISMS)

Day 2: Audit principles, preparation, and initiation of an audit

  • Fundamental audit concepts and principles

  • The impact of trends and technology in auditing

  • Evidence-based auditing

  • Risk-based auditing

  • Initiation of the audit process

  • Stage 1 audit

Day 3: On-site audit activities

  • Preparing for stage 2 audit

  • Stage 2 audit

  • Communication during the audit

  • Audit procedures

  • Creating audit test plans

Day 4: Closing the audit

  • Drafting audit findings and nonconformity reports

  • Audit documentation and quality review

  • Closing of the audit

  • Evaluation of action plans by the auditor

  • Beyond the initial audit

  • Managing an internal audit program

  • Closing of the training course

Additional day: Certification Exam (duration 3 hours at the most convenient time for you)

Who should attend?

  • Auditors seeking to perform and lead Information Security Management System (ISMS) certification audits

  • Managers or consultants seeking to master an Information Security Management System audit process

  • Individuals responsible for maintaining conformance with Information Security Management System requirements

  • Technical experts seeking to prepare for an Information Security Management System audit

  • Expert advisors in Information Security Management

Learning objectives

  • Understand the operations of an Information Security Management System based on ISO/IEC 27001

  • Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks

  • Understand an auditor’s role in planning, leading, and following up on a management system audit in accordance with ISO 19011

  • Learn how to lead an audit team

  • Learn how to interpret the requirements of ISO/IEC 27001 in the context of an ISMS audit

  • Acquire the competencies of an auditor to plan and lead an audit, draft reports, and follow up on an audit in compliance with ISO 19011

Course duration

  • The course lasts 4 days, plus additional time for the certification exam (3 hours at the most convenient time for you)

  • The 4-day course includes training materials and a certificate

  • A minimum of 5 participants is required for the course to be organized

  • The course language is English

Additional options:

  • By separate agreement, we can arrange the course at your company. Let us know your interest and preferred dates, and we will offer discounted prices for groups. The course can take place at our locations, e.g. in Tallinn, Estonia; Helsinki, Finland; or worldwide.


Price: 1 980 € (+VAT) per person