ISO 27001 Lead Auditor

This is an intensive course enables participants to develop the expertise needed to audit an Information Security Management System (ISMS) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques. During this training, the participant will acquire the knowledge and skills needed to proficiently plan and perform internal and external audits in compliance with the certification process of the ISO/IEC 27001:2022 standard.

ISO 27002:2022 standard is significantly changed with 4 Control Categories and called as Themes. 1) Organization, 2) People, 3) Physical & 4) Technology.

ISO 27002 (ISO 27001 Annexture) as 93 Controls.

ISO 27001 Lead Auditor Instructor Led Training and Certification Service Available

Course Outline: 4 Modules

Module1: ISMS Introduction 

• ISO 27001:2022 (IS, Cyber Security & Data Privacy) Introduction

• Relevant standards, ISO/IEC 27000, 27001, 27002 & 19011

• The importance of information security

• Benefits of ISO 27001 Standard 

• Introduction to information security and ISO 27001:2022

• Integrated Management System

• ISO 27000 Family of Standards

• ISO 27001 Standard (thorough understanding)

• Standard and regulatory framework

• ISO 27001 Certification process for Organization & Individual

• Fundamental principles of information security

o Asset & Information Security 

o Document, Specification & Record

o Information Security 

o Cyber Security & Data Privacy

o Confidentiality, Integrity & Availability

o Vulnerability & Threat

o Information Security Risks

o Security Objectives & Controls 

o Classification of Security Controls

• ISMS Implementation Approach

 Module 2:

• Audit principles, preparation and launching of an audit

• Fundamental audit concepts and principles

• Audit Standard, What is Audit, Types of Audits

• Actors, Audit Objectives & Criteria, Combined Audit 

• Principals of Auditing, Responsibility of Auditors 

• Types of Audit Evidences, Quality of Audit Evidences 

• Audit Approach Based on Risk, Materiality and Audit Planning

• Risk Based Auditing & Evidence Based Auditing

• Initiating the audit

• Stage 1 audit

 Module 3:

On-site audit activities

• Preparing the stage 2 audit (on-site audit)

• Phase 2 audit (Part 1)

• Phase 2 audit (Part 2)

• Communication during the audit

• Audit procedures

• Creating audit test plans

 Module 4: Closing the audit

• Drafting audit findings and non-conformity reports

• Documentation of the audit and quality review

• Evaluating action plans by the auditor

• Beyond the initial audit

• Managing an internal audit programme

• Competence and evaluation of auditors

• Syndicate & role play exercises

• Final ISO 27001 Lead Auditor Examination

ISO 27001 Lead Auditor Instructor Led Training and Certification Service Available