Technology Services

Thumb

Management with adaptable practices

We denounce with righteous indige nation and dislike men who are so beguiled and demo realized by the charms of pleasure of the moment, so blinded by desire, that they cannot foresee the pain and trouble that are bound to ensue cannot foresee. These cases are perfectly simple and easy to distinguish. In a free hour, when our power of choice is untrammelled data structures manages data in technology.

ISO 27001 Foundation OutlineISO 27001 Lead Auditor Course Outline

This ISO 27001 Lead Auditor training course will explore the following modules:

Module 1: Introduction

  • The 27001 standard
  • 27001 mission
  • 27001 high-level methodology
  • 27001 focus
  • Common interrelationships
  • Review and monitor
  • Improvement and maintenance
  • Clauses of ISO 27001

Module 2: Information Security Management Systems (ISMS) and the ISO 27001 Standards Family

  • What is an ISMS?
  • Creating project plan according to ISMS ISO 27001
  • Establishing management and governance frameworks
  • ISMS principles
  • ISMS benefits
  • Scope of ISMS in an organisation
  • Introduction to management systems
  • Process approach
  • Fundamentals
  • The PDCA cycle

Module 3: Interaction with ISO 27005

  • What is ISO 27005
  • ISO 27001 vs ISO 27005
  • Quantifying the business impact
  • Impact severity

Module 4: Introduction to Auditing

  • Defining auditing
  • Types of audit
  • Techniques and principles
  • Phases of audit

Module 5: Performing ISO 27001 Audits

  • Preparing audit reports
  • Analysing data
  • Auditing procedures
  • Reviewing documents and reports
  • Validating reports
  • Designing and merging findings
  • Classifying findings
  • Planning, organising, and prioritising
  • Factors that affect the reliability of audit findings

Module 6: Internal Auditor

  • Roles and responsibilities of an internal auditor
  • Record review activities
  • Internal auditor checklist
  • Communication between departments
  • Drafting reports and test plans

Module 7: Risk Management

  • Analysing and evaluating risks
  • Managing risk approaches

Module 8: Risk Assessment and the Statement of Applicability (SOA)

  • Risk assessment summary
  • Conducting risk assessments
  • Risk assessment methodology
  • Risk assessment implementation
  • Risk treatment plan
  • Risk treatment implementation
  • ISMS risk assessment report
  • The Statement of Applicability (SOA)
  • Threats and vulnerabilities

Module 9: Roles and Responsibilities of a Lead Implementer

Module 10: Launch and Implement an ISMS in an Organisation

  • Apply the frameworks
  • Design writing procedures and controls
  • Implementing the controls
  • Training and awareness programme
  • Management’s role
  • Impediments and aids to success
  • Responsibilities of employees

Module 11: Certification

  • Certification Process - organisations
  • Steps to certification
  • Certification audits
  • Surveillance visits
  • Certification process - individuals
  • Procedures
  • Documentation
  • Information Security policies
  • Monitoring and reviewing within an organisation

Module 12: Security Controls and Incident Management

  • Management of incidents and operations
  • Annex A
  • Physical and environmental security
  • Operations
  • Communications
  • Managing incidents
  • Confidentiality and security of information in an ISMS
  • Business Continuity Management(BCM)
  • Control and act
  • Managing records
  • Monitoring controls
  • Indicating performance
  • Developing a matrix according to ISO 27001
  • Internal auditing
  • Review
  • Improvement programmes

Module 13: Introduction to ISO 27001 Lead Auditor

  • Qualifications of an auditor
  • IRCA code of conduct
  • Difference between conformance and compliance

Module 14: Preparing and Planning an Audit

  • Evaluation methods
  • Roles and responsibility of an auditor
  • Auditing schedule and time
  • Procedures and process flow
  • Plans and programs
  • Activities of an auditor
  • Audit checklists
  • Internal auditing goals
  • Internal auditing charter
  • Audit components
  • Purpose and extent of an audit
  • Confirming audit plans
  • Documentation

Module 15: Reviewing Process and Qualities

  • Inspection writing
  • Different review stages
  • Auditing approaches and methods
  • Data analysis
  • Collecting evidence
  • Checking
  • Taking notes
  • Observation
  • Audit findings
  • Auditor team meetings
  • Analysing reports from other auditors
  • Preventative and corrective actions
  • Conducting follow-ups

Module 16: Tasks of an Auditor

  • Preparing audit plans and checklists
  • Defining targets
  • Monitoring and logging
  • Handling stressful situations
  • Tips and recommendations
  • Intrusion and penetration testing
  • Inspection
  • Reporting audits
  • Follow-up actions
  • Auditing results
  • Submitting reports to higher management
  • Decision making

Who should attend this ISO 27001 Training Course?

This course is designed for those in the following job roles:

  • Quality Professionals
  • Security Managers
  • Internal and External Auditors
  • ISMS Auditors
  • Information Security Managers

This course is also intended for those responsible for leading audits of an ISMS that complies with ISO 27001 standards.

Prerequisites

There are no formal prerequisites for this ISO 27001 training course

ISO 27001 Lead Auditor Course Overview

The Knowledge Academy is Globally Recognised as the Industry Leader in ISO 27001 Certifications. Our "ISO Information Security Team” comprises of over 44 leading Information Security Audit Experts, who on average have more than 12 years of industry recognised Information Security Experience in ISO 27001 Certifications. Our instructors have developed a unique teaching style to help aspiring ISO 27001 Professionals to master the art of successfully Securing Digital Information. Our highly experienced ISO 27001 Experts are recognised in the industry as having the highest rated Information Security skills by employers. We Train and Develop highly competent Information Security Professionals, and most of them go on to work on large scale enterprise Information Security Audits and command the highest salaries in the industry.

This ISO 27001 Lead Auditor training course will provide delegates with the skills and abilities needed to audit ISO 27001 information security management systems. Delegates will learn how to implement audit plans, processes, principles, and techniques. They will also focus on managing auditing teams, performing internal and external audits, how to communicate successfully, and how to overcome conflicts. By the end of this course, delegates will be able to lead, plan, implement, and report on an ISMS audit within an enterprise conforming to ISO 27001 standards, and thus will become auditing experts.

ISO 27001 is all about Information Security Management. The effective security of confidential and sensitive information is essential to the successfulness of a business, so ISO 27001 intends to reduce the likelihood of data breaches. ISO, (the International Organisation for Standardisation), produces documents that determine specifications, requirements, and guidance to ensure that services, products, and procedures are delivered to the appropriate standard, and achieve their primary objective, thus complying to ISO 27001 is significant.

The Knowledge Academy offers 4 ISO 27001 training courses, which can be completed in their order of difficulty. To begin, there is the ISO 27001 Foundation course that needs to be completed firstly, as it is a prerequisite for the remaining ISO 27001 courses. Next in the sequence is ISO 27001 Internal Auditor, followed by ISO 27001 Lead Auditor and ISO 27001 Lead Implementer. These precise Auditor and Implementer training courses ensure delegates become accomplished in the auditing and implementation of information security.

What's included in this ISO 27001 Training Course?

This training course includes:

  • The ISO 27001 Lead Auditor Examination
  • The Knowledge Academy's ISO 27001 Lead Auditor Foundation Manual
  • Certificate
  • Experienced Instructor
  • Refreshments

IISO 27001 Lead Auditor Exam

At the end of this 5-day training course, delegates will be required to sit an exam. This exam is included with the course fee, and is formatted like so:

  • Multiple choice questions
  • Duration of 40 minutes
  • 50% pass mark
  • Closed book
4