Information Security Management Systems

 Participants will:

• Learn mandatory documentation requirements of an Information Security system
• Understand, and be able to implement processes within the Information Security management system
• Be able to improve your organisations conformance with ISO/IEC 27001:2013
• Learn how to identify gaps in an Information Security management system
• Satisfy training needs for Exemplar Global certification

This course includes a complimentary copy of ISO/IEC 27001:2013, along with all learning materials and refreshments.

Participants will learn the auditing requirements of ISO 27001, and how to best apply and integrate the standard for the benefit of an organisation.

Module

This course is delivered as a single, 3 day module covering the requirements of ISO/IEC 27001.

This module can be joined to an additional module; ‘Becoming a Skilled Lead Internal/External Auditor‘ where participants learn to conduct management systems audits in accordance with ISO 19011:2011 Guidelines for Auditing Management Systems. The course provides a comprehensive and practical understanding of how to conduct a successful internal or external audit, either as part of an audit team or as the team leader. We focus in particular on the principles and procedures of auditing, the importance of planning, the roles and responsibilities of an auditor, how to gather effective audit evidence and report on the audit findings, and the required follow up activities as an auditor. To complete these modules together, see the Information Management Systems Lead Auditor course.

Day 1

Information Security Management Systems

• Introduction to Information Security
• Context of Information Security
• Information Security management systems requirements
• Risk-based approach to information security

Day 2

Information Security controls

• ISO 27001 – Code of practice for Information Security management
• Information classification
• Documentation requirements of Information security management systems

Day 3

Information Security application

• Statement of applicability
• Information security audit scenarios
• Course review

Upon successful completion of the course, each participant will receive a Certificate of Attainment which identifies the Exemplar Global competency below:

• Exemplar Global IS – Information Security management systems

There are no prerequisites for this course.

During the course, participants will complete a series of workshops which form part of the assessment. Upon the completion of each module there is a short multiple choice exam. Participants receive continual assistance and feedback from the facilitator.

Designed to cater to a variety of people currently involved in the audit and Information Security Management System process, you should attend if you:

• want to become an internal ISMS auditor
• want to become a 3rd party IS auditor
• need to write and implement a ISMS
• are involved in the Information Security management process
• are a manager responsible for an ISMS and ISMS auditing
• wish to consolidate your existing knowledge into a formal qualification.

Prior experience in auditing and management systems is not essential.

If you wish to become an Information Security auditor under the Exemplar Global auditor scheme, you must also have successfully completed Exemplar Global AU and Exemplar Global TL (provided under Becoming a Skilled Lead Auditor or Information Security Management Systems Lead Auditor). Once you have also obtained these competencies, you can follow either a qualification-based certification path, or competency-based.

A full explanation of the requirements to become certified with Exemplar Global can be found on their website or contact us for more information.

Delivery

Public – face-to-face

Our regular public courses are conducted in capital cities and key regional centres in Australia and New Zealand. You will enjoy an excellent learning experience in a premium training venue, and:

• Class sizes are kept to manageable numbers – so everybody learns
• No homework! All work is completed in course time – we know you’re busy
• No major exam – we assess you as you go

Public – Virtual/Online

In response to COVID-19 and social distancing, we’ve gone virtual with all of our courses to keep the interaction and engagement between trainer and participants. Our virtual training platform incorporates:

• Group exercises – facilitated by mini break out workshops amongst the team
• Ability to ask questions in real time
• Built in note taking and tracking of course materials
• You can interact with participants throughout the session through a chat functionality
• Online assessments providing a streamlined marking process

Our aim is to recreate the classroom experience in a safe, virtual environment, maintaining the fun and engaging experience our clients find useful and valuable.

Our public training courses are valuable opportunities for professional development and networking. They are also the perfect way to convert your current experience into formal qualifications for either career advancement or a complete career change.

Our Trainers are practising auditors and experts in their field. They deliver practical and real world auditing experiences.

In house

In house training can provide a cost-effective training solution for organisations with a number of staff who require training. We can also customise a course to suit your own individual needs, and include your own audit documentation. Call us on 1300 95 96 92 for a quote and to discuss your individual training needs.