ISO/IEC 27001:2022 Information Security Management Systems Internal Auditor

Course Description

Duration: 2 days – 14 hrs

Overview

The Information Security Management Systems, or ISMS, standard specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.

This two-day course begins with the understanding of the concept of Information Security Management, the requirements of ISO/IEC 27001:2013 certification standard, and its relation to the ISO 27000 series of standards for information security management. This Internal Auditor course is based on the principles of ISO 19011:2011. It is designed for those people who wish to understand and conduct internal audit assessments to the ISO/IEC 27001:2013 certification standard and its relation to the ISO 27000 series of standards for information security management.

Objectives

To gain an understanding of the ISO/IEC 27001:2013 requirements
Prepare, conduct and follow-up on ISO/IEC 27001:2013 audit activities
Gain the skills to assess an organization’s capability to manage its ISMS
Write factual audit reports

Audience

Managers or executives responsible for the security and confidentiality of their business-critical information
Those people who wish to understand and conduct internal audit assessments to the ISO 27001:2005 certification standard and its relation to the emerging ISO 27000 series of standards for information security management

Pre- requisites