ISO 27001 Lead Auditor

Description

ISO 27001 Information Security Management System Lead Auditor Course

The “ISO 27001: 2013   Lead  Auditor” course provides comprehensive training in the ISO 27001: 2013   standard and all its requirements from the Lead auditor’s point of view, as well as basic skills necessary to Lead  audit activities. It’s a practical-oriented training that should be considered “a must” for every ISO 27001: 2013   Lead auditor. The interactive training program, complete with quizzes, will provide the necessary technical knowledge and understanding of all ISO 27001: 2013   requirements to implement the requirement of the standard and  complete ISO 27001: 2013   audit . This ISO Lead auditor training should be taken by  individual with interest in conducting internal as well as third part audits according ISO 27001: 2013  standards.

COURSE OBJECTIVES

Participants will learn how to:

• Audit each and every ISO 27001: 2013 requirements
• Implement methods to comply with the ISO 27001: 2013 requirements.
• Audit process and techniques
• Examine the requirements of ISO 27001: 2013 from an Lead Auditor Perspective
• Write Auditing reports and follow-up corrective action
• Plan, conduct and Lead ISO 27001: 2013 audit, and report audit results;
• Effectively use root cause analysis as part of the ISO 27001: 2013 to validate corrective action

 WHO NEEDS THIS COURSE?
• Persons responsible for conducting Lead an external audits according to ISO 27001: 2013   requirements
• HSE Managers, Environmental Manager/ Coordinators

COURSE CONTENT

Background and Development of ISO 27001: 2013  

Definition of ISO 27001: 2013

Major Changes in ISO 27001: 2013

Benefits of ISO 27001: 2013

Types Of Audits

Why Management System Audits are needed

Requirements of the ISO 27001: 2013 Standard

Interpretations of Key Terms

Elements of a Information Security Management System

The ISO 27001: 2013 Standard

Principles of Information Security Management

Continual Improvement Cycle

Information Security Management Process Model

Information Security System Requirements

The Documentation Requirements of ISO 27001: 2013

Management Responsibility

Resource Management

Product Realization

Measurement, Analysis and Improvement

The Process Management Approach

Process Management Approach

The Planning Phase

Establish Process Measurements

Analyze the Process

Design or Redesign the Process

Process Mapping

Document Control

Elements of Documents

Process Approach to Documentation

Identifying Documents and their Owners

Types of Documents

Master Document List

Document Control

Revisions and Maintenance

Tips for Document Writers

Principles of Auditing according to ISO 19011:2018 and ISO 17021: 2015

Fundamentals of Lead Auditing

Decide how to Audit

Managing audit programme

Reviewing application

Determining audit duration

Planning audit

Conducting opening meeting

Collecting audit evidences

Managing conflict in an audit

Reaching audit conclusion

Conducting closing meeting

Writing Audit report

Conducting audit follow

Validating corrective actions

Certification Decision

Reviewing audit report

Making certification decision

Continuous improvement

Surveillance audit

Extension of scope

Withdrawal or cancellation of certification

Recertification audit

• Duration: 5 days
• Training Methodologies
  • Case Study
  • Individual Exercises
  • Role Play
  • Group Exercises
  • Group Presentation
  • Examination