ISO 27001 Internal Auditor Training
The course is based on the requirements of the ISO 27001:2005 standard, the implementation guideline standard – ISO 17799, and the tenets of ISO 19011 “Guidelines for Quality and/or Environmental Management Systems Auditing”. The three days balance theory with workshops and practical exercises to give attendees an understanding of the key activities in auditing information security management systems.
- Overview of the requirements of ISO 27001 and its companion standard ISO 17799.
- Basic auditing concepts, including:
  - Planning, preparation, scheduling audits
  - How to gather information during the audit
  - Selecting a sample
  - Effective audit techniques
  - Following audit trails
  - Understanding when to write non-conformances and how to grade them
  - Preparing audit reports and communicating results
- ISO 27001 specific auditing, including:
  - Auditing risk assessments
  - Auditing controls and countermeasures
Who Should Attend:
- IT Security Officers, Information Technology Professionals
- Management Representatives and other members of the ISO 27001 implementation team
- Anyone who will perform an internal audit to ISO 27001
Program Duration: Three-day program, 9:00 a.m. to 5:00 p.m.
Course Locations: Atlanta, GA, Memphis, TN and on-site