ISO/IEC 27001:2013 Lead Auditor

Course Overview

This five-day course will not only consolidate your knowledge of ISO/IEC 27001, it will also help you understand the standard’s requirements from an auditor’s point of view. You’ll learn to plan, conduct and report on an audit, improving your interview techniques, reviewing security threats and vulnerabilities, and identifying the correct controls to manage them. And you’ll become confident managing teams of auditors in your organization or during a third party audit

Course Schedule

Request Group Training

Target Audience

This is intended for those who will be involved in leading audits of an ISMS that conforms to ISO/IEC 27001:2013 in any organization.

Course Prerequisites

You should have a good knowledge of ISO 27001:2013 and the key principles of a ISMS. If not, we strongly recommend you attend our ISO 27001:2013 Requirements course

Expected Accomplishments

How will I benefit?

Confidently lead an ISMS audit team

Be prepared for a successful third party ISO/IEC 27001 assessment

Be able to audit according to internationally recognized best practice (ISO 19011:2011)

Network with like minded peers

Develop professionally and gain a recognized qualification

Course Outline

Day 1

First, second and third party audits

Audit process

Audit objectives, scopes and criteria’s

Audit resources

Roles, responsibilities and confidentiality

Audit methods

Stage 1 audit

Stage 2 audit

Audit plan understanding

Work documents understanding

Opening meeting understanding

Audit evidence

Effective communication

Audit findings

Audit meetings

Closing meeting

Audit reports

Audit follow-up

Our course agenda

Day 2

Purpose and business benefits of an ISMS

Terminology

Plan-Do-Check-Act

ISMS processes and context

Role of the auditor

ISMS documentation

Initiating the audit

Document review

Audit plan in practice

Work documents in practice

Opening meeting in practice

Observations

Auditing ‘top management’

Day 3

Specimen exam: sections 1 and 2 review

Auditing ‘context’

Auditing ‘actions to address risks and opportunities’

Tutorial on body language

Questions and evidence

Auditing ‘objectives, resource and competence’

Auditing ‘operations and monitoring….’

Day 4

Specimen exam: section 3 review

Auditing ‘continual improvement’

Non conformities

Closing meeting in action

Audit report

Audit follow-up in action

Specimen exam: section 4

Day 5

Hand in homework – audit report

Final questions/revision

Evaluation

Introduction to the exam

Exam

Reflections and feedback