BSI’s ISO/IEC 27001:2005 Information security management system internal auditor course teaches students the fundamentals of auditing information security management systems to ISO/IEC 27001. This course teaches students how to conduct audits within their organization. The auditing exercises and lectures are based on ISO 19011:2002, “Guidelines for Quality and/or Environmental Management Systems Auditing.” Experienced instructors guide students through internal audits that are required for a quality management system based on ISO/IEC 27001:2005. Students gain necessary auditing skills through a balance of formal classroom tutorials, group workshops, and open forum discussions.
Learning objectives
- Review the requirements of ISO/IEC 27001
- Understand the relationship between ISO/IEC 27001 and ISO/IEC 27002
- Learn how to assess security threats and vulnerabilities
- Understand security controls and countermeasures
- Understand the roles and responsibilities of the auditor
- Learn how to plan, execute, report, and follow up on an information security management system audit
Course materials
Students receive comprehensive course manuals with reference materials.
Who should attend
- IT security officers
- IT managers
- Information security consultants
Prerequisite
A prior review of ISO/IEC 27002 and ISO/IEC 27001 would be beneficial.