The ISO/IEC 27001:2022 Information Security Management Systems (ISMS) Lead Auditor course is designed to provide participants with the knowledge and skills to perform first-, second-, and third-party audits of an ISMS against the ISO/IEC 27001 standard.
Learning Objectives
Fundamental Concepts and Principles: Understanding the purpose and benefits of ISMS, including the principles of information security management and the role of ISMS standards.
ISO/IEC 27001 Requirements: Detailed interpretation of ISO/IEC 27001 requirements from an auditor’s perspective.
Audit Planning and Execution: Learning how to plan, conduct, report, and follow up on ISMS audits in compliance with ISO 19011 and ISO/IEC 17021 standards.
Audit Techniques and Tools: Mastering various audit techniques, managing audit programs, audit teams, and handling communication and conflict resolution during audits.
Audit Reporting: Documenting audit findings, evaluating action plans, and understanding the impacts of trends and technology in auditing.
Learning Methods:
Comprehensive review and preparation
Examination covering all aspects of the course
Theory and Practical Exercises: Combining lectures with real-world case studies and role-playing exercises to reinforce learning.
Interactive Sessions: Encouraging class discussions, Q&A sessions, and practical labs to enhance understanding and application of audit principles.
Who Should Attend:
Target Audience
Internal auditors
ISMS managers and consultants
IT professionals and information security team members
Technical experts preparing for ISMS audits
Course Outlines:
Day-1
Introduction to ISMS and ISO/IEC 27001
Overview of ISMS
Key concepts and benefits of ISO/IEC 27001
Structure and requirements of ISO/IEC 27001:2022
Day-2
Audit Principles, Preparation, and Initiation
Audit fundamentals
Planning and initiating an ISMS audit
Understanding the organization’s context and its ISMS scope
Day-3
On-Site Audit Activities
Conducting on-site audit activities
Gathering and verifying audit evidence
Interviewing techniques and audit checklists
Day-4
Closing the Audit
Preparing audit findings and non-conformity reports
Conducting closing meetings
Post-audit activities, including follow-up and corrective actions