Course Description
OVERVIEW
The success of any management system depends on effective auditing, which carries a great deal of responsibility and many challenges. InfosecTrain’s ISO 27001:2022 Lead Auditor training and certification course is a five-day intensive course that gives participants the knowledge to perform an Information Security Management System (ISMS) audit by employing recommended audit fundamentals, principles, procedures, and methodologies.
Our course curriculum is aligned with the latest changes in ISO 27001 (from ISO 27001:2013 to ISO 27001:2022) and teaches participants all they need to know about audit principles, preparation, and initiation. During this training, participants will acquire the skills necessary to manage an internal audit program effectively, document audit findings, close the audit, evaluate action plans, and understand the impact of trends and technology in auditing, risk-based auditing, evidence-based auditing, and the beginning of the audit process. Through practical exercises, participants will acquire the expertise needed to conduct an audit successfully.
Course Objective
- Fundamental concepts and principles of information security
- ISO/IEC 27001 certification process
- Information Security Management System (ISMS)
- The ISO/IEC 27000 family of standards
- Advantages of ISO/IEC 27001
- Fundamentals of information and assets
- Fundamental principles of information security: confidentiality, integrity, and availability
- Preparation of an ISO/IEC 27001 certification audit
- ISMS documentation audit
- Big data, artificial intelligence, machine learning, and cloud computing
- Auditing outsourced operations
- Communication during the audit
- Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration, and evaluation
- Audit test plans
- Formulation of audit findings
- Audit approach based on risk
- Drafting a nonconformity report
- Audit documentation
- Quality review
- Conducting a closing meeting and conclusion of an ISO/IEC 27001 audit
- Evaluation of corrective action plans
- Establishing contact with the auditee
- Internal audit management program
Requirements
- ISO/IEC 27001 Foundation certification or basic knowledge of ISO/IEC 27001 is recommended.
Target audiences
- Ethical Hackers
- Penetration Testers
- Network Server Administrators
- Firewall Administrators
- Security Testers
- System Administrators and Risk Assessment Professionals