ISO/IEC 27001:2013 Internal Auditor Training
ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in ISO/IEC 27001:2013 are generic and are intended to be applicable to all organizations, regardless of type, size or nature.
The purpose of this two-day Internal Auditor Training course is to give delegates the necessary skills to perform internal audits on an organization’s Information Security Management Systems (ISMS) and to contribute to its continual improvement. The training helps participants identify and control threats an organization faces from any information security controls lapses and how to effectively put in place measures to address those risks.
This course will also explain the role and responsibilities that the auditor must consistently demonstrate, including the need to display fairness, integrity, confidentiality and a focus on evidence-based decision making.
At the end of this course, participants will be able to:
- Explain the purpose and structure of ISO 27001
- Plan and prepare for an internal audit, gather audit evidence through observation, interview and sampling of documents and records,
- Write factual audit reports that help to improve the effectiveness of the ISMS
- Suggest ways in which the effectiveness of corrective action might be verified
This course covers the following topics:
● Introduction to information security management systems
● Key Principles and Concepts of the ISMS
● Certification to ISO/IEC 27001:2013
● The ISO 27000 series of standards
● The ISMS Audit Planning
● The ISMS Audit Preparation
● Conducting an ISMS Audit
● Audit reporting and non-conformances
● Root Cause Identification
● Conducting Audit Follow-Up
- Training Material
- Course Certificate
- Lunch and refreshments
- IT managers
- Systems managers
- Information security officers
- Management representatives of ISO/IEC 27001
- IT experts
- Those involved in ISO/IEC 27001 implementation
- Individuals interested in conducting, managing, or participating in ISM based internal audits
AQTS reserves the right to cancel or re-schedule the course and to change the course instructors. In the event of course cancellation, AQTS will not be responsible for airfare penalties or other travel related expenses that you may incur.
- If you need to cancel, we will refund your paid registration fee as noted below.
- Requests for cancellations/transfers received at least 5 business days before the start of the course receive a full refund/transfer.
- Requests received within 5 business days of the course start date will incur a $100 processing fee.
- After the course starts, there are no refunds or transfers.
- Registrants who fail to attend without advance notice are liable for the entire course fee.
If you cannot find a substitute, we can transfer your course fees to the same course in next offering.
A Certificate will be issued to attendees who participate in the entire course.
A prior review of the ISO 27001:2013 and knowledge of information security practices and an understanding of auditing principles is suggested for this course.
- Instructor led classroom training course.
- Classroom based training allows high level of instructor student interaction.
- For Price and available discounts click register
- For group discount (3 or more) call 713-789-0885
- On-site training programs are the cost-effective way to train employees on your schedule.
- On-site training minimizes cost and ensures that the content is specific to your needs.
- For on-site course