Learning Objectives
The aim of the training is to provide the necessary knowledge and skills to conduct and manage effective Information Security Management System audits in accordance with ISO/IEC 27001:2013 and ISO 19011 requirements. The workshops in the training content allow the participant to learn the audit process not only verbally but also by practice.
Education Target Audience
Managers who will ensure the effective establishment and implementation of ISO 27001 Information Security Management System in organizations, employees involved in the execution of ISO 27001 Information Security Management System, auditors and auditor candidates, consultants.
Content
-
Information Security Management System
-
The concept of control, its types
-
Auditor responsibilities and duties
-
Explaining the auditor's role in planning, conducting, reporting and following up an audit
-
Asking questions, interviewing, audit findings, reporting
-
Nonconformity detection, classification
-
Opening and Closing Meetings
-
Follow-up activities
-
Exercise and Practical Studies
-
Exam
Education Target Audience
Participants are required to have attended basic training on ISO 27001 Information Security Management System.