Information Security Management Systems Lead Auditor (5 Days)
Learn to Implement and audit an system that meets ISO/IEC 27001 requirements. Secure your information and data assets.
Exemplar Global – AU TL IS
“Although I find the topic interesting, I think it is generally classed as being quite dry. Pat’s delivery of the program was excellent and engaging, with his experience being profoundly beneficial to my own professional development.”
“Many thanks Tom, I really enjoyed the course and will get a lot of use from it at my workplace.”
- No homework
- We never cancel courses
- Internationally recognised
- Trained by real auditors
- It's all done in class!
- Great lunches provided!
This training session outlines the key processes and approaches a business needs to manage information security risk in a practical way. Our training will teach you how to implement and audit an information security management system adhering to the specific requirements of ISO/IEC 27001, in order to protect information assets such as customer details, sensitive corporate information and financial data.
Our training is different because:
- We never cancel a course – enrol with confidence
- No homework or take-home assessment
- Certificates are issued promptly upon the completion of the course
- Trainers are practising audit professionals
- All learning materials and refreshments provided
Plus, a free licensed copy of:
- ISO/IEC 27001:2013 Information technology – Security techniques – Information security management systems – requirements.
Can’t find course dates in your city?
Register your interest in Information Security Management Systems, and we we will contact you directly when dates are available.
Participants will gain the knowledge to conduct internal or external audits of an Information Security Management System, either as a sole auditor, a member of an audit team, or as the team leader. Specifically, you will:
- Learn how to plan and carry out an ISO 27001:2013 audit
- Learn report writing and how to document an Information Security system
- Recognise the role of the auditor
- Understand, and be able to implement processes within the Information Security management system
- Be able to improve your organisations conformance with ISO/IEC 27001:2013
- Learn how to identify gaps in an Information Security management system
- Satisfy training needs for Exemplar Global certification
This course includes a complimentary copy of ISO/IEC 27001:2013, along with all learning materials and refreshments.
Participants learn how to perform an audit in accordance with ISO 19011:2011 Guidelines for Auditing Management Systems. The course provides a comprehensive and practical understanding of how to conduct a successful internal or external audit, either as part of an audit team or as the team leader. We focus in particular on the principles and procedures of auditing, the importance of planning, the roles and responsibilities of an auditor, how to gather effective audit evidence and report on the audit findings, and the required follow up activities as an auditor.
Participants also learn the auditing requirements of ISO 27001, and how to best apply and integrate the standard for the benefit of an organisation.
This course is divided into two modules, enables participants to attend both modules in the one week, or spread across different sessions. The first 2 day module is equivalent to our ‘Becoming a Skilled Lead Internal/External Auditor’ course, where participants learn to conduct management systems audits. The remaining 3 day module covers the requirements of the Information security management systems standard, ISO 27001 and information Security controls.
Introduction to Management Systems Auditing
- Introduction to auditing
- Roles and responsibilities of an auditor
- Principles and procedures of auditing
- Communication skills and interview techniques
- Setting appropriate audit objectives, goals, and criteria
- Planning a Management systems audit
Management Systems Auditing
- How to ensure that audits add value to an organisation
- Auditing as a Team Leader
- Effective audit evidence
- Management Systems auditing scenarios
- Writing audit findings and the audit report
- Developing the audit report and writing audit findings
- Reviewing corrective action
Information Security Management Systems
- Introduction to Information Security
- Context of Information Security
- Information Security management systems requirements
- Risk-based approach to information security
Information Security controls
- ISO 27001 – Code of practice for Information Security management
- Information classification
- Documentation requirements of Information security management systems
Information Security application
- Statement of applicability
- Information security audit scenarios
- Course review
What Qualification will I Receive?
Upon successful completion of the course, each participant will receive a Certificate of Attainment which identifies the 3 Exemplar Global competencies below:
- Exemplar Global IS – Information Security management systems
- Exemplar Global AU – Management systems auditing
- Exemplar Global TL – Leading management systems audit teams
Additional Exemplar Global competencies for Quality management systems (Exemplar Global QM) Environmental management systems (Exemplar Global EM) and/or OHS management systems (Exemplar Global OH), and Food Safety management systems (Exemplar Global FS) may be attended separately.
There are no prerequisites for this course.
During the course, participants will complete a series of workshops, which form part of the assessment. Upon the completion of each module there is a short multiple choice exam. Participants receive continual assistance and feedback from the facilitator.
Who Should Attend
Designed to cater to a variety of people currently involved in the audit and Information Security Management System process, you should attend if you:
- want to become an internal ISMS auditor
- want to become a 3rd party IS auditor
- need to write and implement a ISMS
- are involved in the Information Security management process
- are a manager responsible for an ISMS and ISMS auditing
- wish to consolidate your existing knowledge into a formal qualification.
Prior experience in auditing and management systems is not essential.
Study Pathway - Where to from here?
If you wish to become a registered third-party, or external Information Security Management Systems auditor with Exemplar Global, completing this course is the first step.
Once you have obtained the Exemplar Global competencies from this course, you can follow either a qualification-based certification path, or competency-based. A full explanation of the requirements to become certified with Exemplar Global can be found here or contact us for more information.
How to Enrol
PwC offers a streamlined enrolment process – enrol directly into your course online, or call Brock or Carrie on 1300 95 96 92 to enrol over the phone.
Book now, pay later!
Introductory $2,995 (incl gst) per person.
Discounts for multiple attendees are available.
How to pay
We offer a variety of payment methods:
- Direct debit
- Credit card
- Payment plans
We are able to arrange flexible payment plans on an individual basis. Please be aware that your certificate will be held until full payment has been received.
Public – face to face
Our regular public courses are conducted in capital cities and key regional centres in Australia and New Zealand. You will enjoy an excellent learning experience in a premium training venue, and;
- Class sizes are kept to manageable numbers – so everybody learns
- No homework or take-home assessment! All work is completed in course time – we know you’re busy
- No major exam – we assess you as you go
Our public training courses are valuable opportunities for professional development and networking. They are the perfect way to convert your current experience into formal qualifications for either career advancement or a complete career change.
Our Trainers are practising auditors and experts in their field. They deliver practical and real world auditing experiences.
In house training can provide a cost-effective training solution for organisations with a number of staff who require training. We can also customise a course to suit your own individual needs, and include your own audit documentation. Contact Brock or Carrie on 1300 95 96 92 for a quote and to discuss your individual training needs.