Course Description 

This “ISO/IEC 27001:2013 Information Security Management System Internal Auditor” course teaches students the fundamentals of auditing information security management systems to ISO/IEC 27001:2013. This course teaches students how to conduct audits within their organization. The auditing exercises and lectures are based on ISO 19011, “Guidelines for Quality and/or Environmental Management Systems Auditing.” Experienced instructors guide students through internal audits that are required for a quality management system based on ISO/IEC 27001:2013. Students gain necessary auditing skills through a balance of formal classroom tutorials, group workshops, and open forum discussions.

Learning Objectives:

  • Review the Requirements of ISO/IEC 27001
  • Understand the Relationship between ISO/IEC 27001 and ISO/IEC 27002
  • Learn How to Assess Security Threats and Vulnerabilities
  • Understand Security Controls and Countermeasures
  • Understand the Roles and Responsibilities of the Auditor
  • Learn How to Plan, Execute, Report, and Follow-up on an Information Security Management System Audit

Course Materials: 

Students receive comprehensive course manuals with reference materials, including:

  • Copy of ISO/IEC 27001
  • Copy of ISO/IEC 27002
  • Copy of ISO 19011

Who should attend?

  • IT Security Officers
  • IT Managers
  • Information Security Consultants

Prerequisite 

A prior review of ISO/IEC 27002 and ISO/IEC 27001 would be beneficial.

Duration: 3 Days

Price: $15,000 (for up to 15 people)

Public Course: $1,495 per person