BSI's "ISO/IEC 27001:2005 Lead Auditor" course teaches students the fundamentals of auditing information security management systems to ISO/IEC 27001:2005 (BS 7799-2:2002). This five-day intensive course trains students on how to conduct audits for certification bodies and facilitate the ISO/IEC 27001:2005 registration process. The auditing exercises and lectures are based on ISO 19011:2002, "Guidelines for Quality and/or Environmental Management Systems Auditing." The course is designed specifically for those people who wish to conduct external assessments or internal audits to ISO/IEC 27001:2005, although students will also gain the knowledge and understanding necessary to give practical help and information to other individuals and organizations working toward conformance to the standard.
IRCA Certified Course (A17287)
This course is certified by the International Register of Certificated Auditors (IRCA) and meets training requirements for those seeking registration as a lead auditor under their ISMS scheme.
Learning objectives
- Review the Requirements of ISO/IEC 27001:2005
- Understand the Relationship between ISO/IEC 27001:2005 and ISO/IEC 27002:2005
- Learn how to Assess Security Threats and Vulnerabilities
- Understand Security Controls and Countermeasures
- Understand the Roles and Responsibilities of the Auditor
- Learn How to Plan, Execute, Report, and Follow Up on an Information Security Management System Audit
Course materials
Students receive comprehensive course manuals with reference materials.
Who should attend
- IT Security Officers
- IT Managers
- Auditors interested in ISO/IEC 27001:2005 or ISO/IEC 27002:2005
- Information Security Consultants
Prerequisite
A prior review of ISO/IEC 27002:2005 and ISO/IEC 27001:2005 and knowledge of information security practices are required.