Information Security Management System

Information Security Management System - LA (Lead Auditor)

What do you learn?

At the end of this training course, you will be able to:

  • Understand and explain the purpose and benefits of Information Security Management System
  • Understand and interpret the audit requirements of ISO 27001:2005 standard in the context of an ISMS audit.
  • Understand and explain the Risk Assessment and Risk Management process.
  • Understand  the PDCA (Plan-Do-Check-Act) cycle and explain the processes in establishing, implementing, operating, monitoring, reviewing and improving an ISMS as defined in ISO 27001:2005
  • Explain the roles and responsibilities of Auditors and Lead Auditors in accordance to ISO 19011:2011.
  • Plan, conduct and report the audit in accordance with ISO 19011:2011

Who should attend?

  • Professionals who have a role to play in the implementation of Information Security Management System
  • Chief Information Security Officer
  • Information Security Management System Consultants
  • Information Security Management System Management Representative
  • Information Security Practitioners who wish to expand their auditing skills

Course Outline:

  • ISMS Concepts and ISO 27001 Standard Requirements
  • ISMS Domains and Controls
  • Risk Assessment and Risk Management Process
  • Roles and Responsibility of Auditors
  • Planning, Conducting and Reporting an Audit
  • Corrective and Preventive Actions
  • Exercises / Role plays
  • Written Examination

Duration:

Five (5) Days

Information Security Management System - IA (Internal Auditor)

What do you learn?

At the end of this training course, you will be able to:

  • Understand the purpose of an Information Security Management System (ISMS) and the processes involved in establishing, operating, monitoring, reviewing and improving an ISMS
  • Understand Auditing Concepts
  • Understand Risk Assessment and Management
  • Understand the Security Controls of ISO 27001
  • Understand how to Plan, Conduct and Report an Audit

Who should attend?

  • Professionals who have a role to play in the implementation of Information Security Management System within their organisation
  • Individuals who wish to conduct first and second party audits
  • Information Security Management System Consultants,
  • Management Representative
  • HODs

Course Outline:

  • Benefits and Purpose of Information Security Management System
  • Overview of ISO 27001:2005 standard, Control Objectives and Controls of ISO 27001:2005 coupled with exercises
  • Risk Assessment and Management Concepts
  • Audit Process
  • Audit Planning and Scheduling
  • Audit Findings & Reporting
  • Audit Checklist and Non Conformance Report preparation
  • DO’s and DON’T’s of Auditing
  • Classroom Exercises
  • Case Studies
  • Examination

Duration:

Two (2) Days

For registration or any other queries, you may write to us at academy@tuv-sud.in or info@tuv-sud.in