BSI’s ISO/IEC 27001:2005 – Information security management system lead auditor course teaches students the fundamentals of auditing information security management systems to ISO/IEC 27001. This five-day intensive course trains students to conduct audits for certification bodies and to facilitate the ISO/IEC 27001 registration process. The auditing exercises and lectures are based on ISO 19011:2002, “Guidelines for Quality and/or Environmental Management Systems Auditing.” The course is designed specifically for those who wish to conduct external assessments or internal audits to ISO/IEC 27001, although students will also gain the knowledge and understanding necessary to give practical help and information to other individuals and organizations working toward conformance to the standard.
*IRCA Certified Course (A17287)
This course is certified by the International Register of Certificated Auditors (IRCA) and meets training requirements for those seeking registration as a lead auditor under their ISMS scheme.
Learning objectives
- Review the requirements of ISO/IEC 27001
- Understand the relationship between ISO/IEC 27001 and ISO/IEC 27002
- Learn how to assess security threats and vulnerabilities
- Understand security controls and countermeasures
- Understand the roles and responsibilities of the auditor
- Learn how to plan, execute, report, and follow up on an information security management system audit
Course materials
Students receive comprehensive course manuals with reference materials.
Who should attend
- IT Security officers
- IT Managers
- Auditors interested in ISO/IEC 27001 or ISO/IEC 27002
- Information security consultants
Prerequisite
A prior review of ISO/IEC 27002 and ISO/IEC 27001 and knowledge of information security practices are required.