ISO 27001 – ISMS Lead Auditor: Course Contents | ALC Training News

Day 1: Introduction to the management of an Information Security Management System based on ISO 27001
  • Normative, regulatory and legal framework related to information security
  • Fundamental principles in Information Security
  • ISO 27001 certification process
  • Information Security Management System (ISMS)
  • Detailed presentation of clauses 4 to 8 of the ISO 27001 standard
Day 2: Launching an ISO 27001 audit
  • Fundamental audit concepts and principles
  • Audit approach based on evidence and on risk
  • Preparation of an ISO 27001 certification audit
  • Documenting an ISMS audit
  • Conducting an opening meeting
Day 3: Conducting an ISO 27001 audit
  • Communication during the audit
  • Audit procedures:
    • Observation
    • Document review
    • Interview
    • Sampling techniques
    • Technical verification
    • Corroboration and evaluation
    • Drafting test plans
    • Formulation of audit findings
    • Drafting of nonconformity reports
Day 4: Closing an ISO 27001 audit
  • Audit documentation
  • Quality review
  • Review of audit notes
  • Conducting a closing meeting and conclusion of an ISO 27001 audit
  • Evaluation of corrective action plans
  • Surveillance audit
  • Audit management program
  • Completion of training
Day 5
  • Course review
  • Q&A
  • Exam preparation

ALC Training