Information Security Management Systems (ISMS)

Internal Auditor Course (ISM0306)

Objectives

To give an understanding of:

  • The ISO 27001 standard and its documentation requirements
  • Risk assessment
  • The relationship between ISO/IEC 17799:2000 & ISO 27001:2005
  • The control objectives in ‘Annex A'.
  • A Statement of Applicability and a Risk Treatment Plan
  • The audit process utilising a Risk Treatment Plan

Course Content

A one day course containing the following:

  • Process approach to auditing
  • Audit planning
  • Auditing against a standard
  • Scripted audit
  • Audit exercise
  • Audit reporting

Please click here for more information about the ISO 27001 standard at which the course is aimed.

Who Should Attend

This course is designed for auditors, prospective auditors and managers of Information Security Management Systems.

What Should Have Been Learnt

  • How to plan internal audits of an ISMS
  • How to carry out internal audits of an ISMS
  • How to produce a reports of internal audits of an ISMS
  • Additional tools required by an internal auditor of an ISMS.

Prerequisites

Delegates are assumed to have sound knowledge of the topics covered in the one day ISMS Awareness and Application Course.

Course Duration & Structure

This course is one day and is a mix of formal lectures and practical exercises.

For course dates, fees & booking, click here or contact ISOQAR



Industry Specific:

Bookmark and Share

ISO 27001 Logo
 © ISOQAR 2009 Terms of Use - UK Tel: 0161 865 3699 - Fax: 0161 865 3685 - Email Us