ISO 27001 – Lead Auditor


This course aims to teach the principles and practices of effective ISMS third-party audits. This course could be certified by Exemplar Global. Our approved tutors will guide delegates through the entire audit process, from initiating the audit through to conducting audit follow-up.

Who should attend?

Information security (infosec) professionals interested in conducting first-party, second-party, and/or third-party audits.

Management Representatives/ Managers/ infosec Directors/ infosec Consultants/ People who want to extend their career in the ISMS standard.

Course Learning Outcomes

Upon successful completion of the course, the participant will demonstrate the ability to:

Audit the processes and infosec management effectively,

Perform a process audit and a procedure or clause audit,

Prepare and plan audits in a risk-based manner and effectively,

Behave as a successful auditor,

Select the audit team and evaluate their performances,

Effectively get prepared for an audit,

Effectively audit the processes assigned,

Evaluate the findings and the conformities, nonconformities and improvement points effectively,

Run opening and closing meetings and report the audits and non-conformities,

Effectively follow up the audit findings,

Explain accreditation and certification.

CURRICULUM

Introduction of the Course

Auditing Terms and Definitions; Purpose and differences of audit types; ISO 19011:2018 vs. ISO 17021:2011; Principles of auditing

Audit Phases; Auditor Competence

Roles & Responsibilities of: TL/A/TE/guides/AIT, observers and auditee; LA managing auditing team; Effective Communication; Confidentiality

Auditing scope, Auditing ISMS Policy, Action to address Risk & Opportunities, Overview of resources including people, infrastructure, environment, organizational knowledge, competence, awareness needed for the establishment, implementation, maintenance and continual improvement of the information security management system.

Pre-audit activity, Methods of auditing, Audit program, Initial Certification Audit – Stage I (Document Review)

Audit Planning, Audit Checklist, Initial Certification Audit – Stage II – Opening Meeting, Requirements of Stage II audit, Purpose & expectations from site tour, Gathering Audit Evidence: Types and Methods, Sampling Technique and Approach, Evaluation of Audit Findings: Pre-evaluation activities and Grading Non Conformance Observation, Purpose of Surveillance audit, Purpose of Recertification audit, Planning of Surveillance and Recertification audit, Closing Meeting, Audit Report Preparation, Approving and Distribution, Conduct audit follow-up, Sum up and reflections.