ISO 27001:2013 Lead Auditor Training
4 Days - 3.6 CTUs - $1995 - Competency Units IS, AU, TL
This is a four-day, instructor-led classroom course. There are written tests on each of the competency units on days 2, 3, and 4. Days 1 and 2 will cover ISO 27001:2013 (IS) along with a corresponding competency exam. Day 3 will cover management systems auditing (AU) along with a corresponding competency exam. Day 4 will cover leading management systems audit teams (TL) along with a corresponding competency exam.
Course objectives
- Interpret and apply the ISO 27001:2013 requirements
- Recognize the relationship between ISO 27000, ISO 27001, and ISO 27002
- Define information security management (ISMS) terminology
- Demonstrate how ISMS planning, policy, objectives, and processes are implemented
- Explain the difference between legal compliance and conformity
- Define the relationship between an organization’s operational informational security requirements and the ISO 27001:2013 standard
- Assess effectiveness of an organization’s information security risk assessment methodologies
- Evaluate risk assessment and risk treatment results to ensure they are appropriately identified within the organization’s statement of applicability
- Apply auditing principles, procedures, and methods identified in ISO 19011:2018
- Establish audit objectives for the audit program
- Determine the feasibility of an audit
- Prepare work documents for an audit
- Apply all aspects of the on-site audit activities
- Define audit roles and responsibilities
- Document audit results, findings, and conclusions
- Identify and apply sampling techniques
- Develop an audit plan
- Demonstrate effective communication and interview skills
- Identify roles and responsibilities of audit team leaders
- Incorporate audit objectives, scope, and criteria into audit planning
- Select audit team members and assign tasks
- Identify, evaluate, and address risks in an audit plan
- Develop and manage the opening and closing meetings
- Resolve conflict during an audit
- Prepare an audit report to address all findings during an audit
- Perform audit follow-up activities
- Apply remote auditing methods