Information Security Management System
Information Security Management System - LA (Lead Auditor)
What do you learn?
At the end of this training course, you will be able to:
- Understand and explain the purpose and benefits of an Information Security Management System
- Understand and interpret the audit requirements of the ISO 27001:2005 standard in the context of an ISMS audit.
- Understand and explain the Risk Assessment and Risk Management process.
- Understand the PDCA (Plan-Do-Check-Act) cycle and explain the processes in establishing, implementing, operating, monitoring, reviewing and improving an ISMS as defined in ISO 27001:2005
- Explain the roles and responsibilities of Auditors and Lead Auditors in accordance with ISO 19011:2011.
- Plan, conduct and report the audit in accordance with ISO 19011:2011
Who should attend?
- Professionals who have a role to play in the implementation of an Information Security Management System
- Chief Information Security Officer
- Information Security Management System Consultants
- Information Security Management System Management Representative
- Information Security Practitioners who wish to expand their auditing skills
Course Outline:
- ISMS Concepts and ISO 27001 Standard Requirements
- ISMS Domains and Controls
- Risk Assessment and Risk Management Process
- Roles and Responsibility of Auditors
- Planning, Conducting and Reporting an Audit
- Corrective and Preventive Actions
- Exercises / Role plays
- Written Examination
Duration:
Five (5) Days
Information Security Management System - IA (Internal Auditor)
What do you learn?
At the end of this training course, you will be able to:
- Understand the purpose of an Information Security Management System (ISMS) and the processes involved in establishing, operating, monitoring, reviewing and improving an ISMS
- Understand Auditing Concepts
- Understand Risk Assessment and Management
- Understand the Security Controls of ISO 27001
- Understand how to Plan, Conduct and Report an Audit
Who should attend?
- Professionals who have a role to play in the implementation of an Information Security Management System within their organisation
- Individuals who wish to conduct first and second party audits
- Information Security Management System Consultants
- Management Representative
- HODs
Course Outline:
- Benefits and Purpose of Information Security Management System
- Overview of the ISO 27001:2005 standard, Control Objectives and Controls of ISO 27001:2005 coupled with exercises
- Risk Assessment and Management Concepts
- Audit Process
- Audit Planning and Scheduling
- Audit Findings & Reporting
- Audit Checklist and Non Conformance Report preparation
- Dos and Don'ts of Auditing
- Classroom Exercises
- Case Studies
- Examination
Duration:
Two (2) Days
For registration or any other queries, you may write to us at academy@tuv-sud.in or info@tuv-sud.in