The Information Security Management Systems, or ISMS, standard specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.
This two-day course begins with the understanding of the concept of Information Security Management, the requirements of ISO/IEC 27001:2013 certification standard, and its relation to the ISO 27000 series of standards for information security management. This Internal Auditor course is based on the principles of ISO 19011:2011. It is designed for those people who wish to understand and conduct internal audit assessments to the ISO/IEC 27001:2013 certification standard and its relation to the ISO 27000 series of standards for information security management.
- Introduction to information security management systems
- Objectives and benefits of an ISMS
- Key Principles and Concepts of the ISMS
- Code of practice ISO/IEC 27002:2013
- Certification specification ISO/IEC 27001:2013
- Certification to ISO/IEC 27001:2013
- The ISO 27000 series of standards
- Essentials of the Standard
- The ISMS Audit Planning
- The ISMS Audit Preparation
- Conducting an ISMS Audit
- Recording the results
- Root Cause Identification
- Presenting reports
- Conducting Audit follow-Up
Who Should Attend?
This course is suitable for any managers or executives responsible for the security and confidentiality of their business-critical information. This course is designed for those people who wish to understand and conduct internal audit assessments to the ISO 27001:2005 certification standard and its relation to the emerging ISO 27000 series of standards for information security management.
2 Days, 9:00 am - 6:00 pm
Training Schedule 2017 [ PDF 401 kB ]
Online Registration Form