Online Training - ISO 27001 Information Security Management System (ISMS) Internal Auditor

DESKRIPSI This course has been designed to equip participants with the knowledge and skills needed to assess and report on the conformance and effective implementation of an information security management systems (ISMS) to protect organizations from risk. Those organizations that fail to operate coherent and comprehensive ISMS strategies leave themselves open to potential security failures. The purpose of the ISO 27001 Internal Auditor Training is to give you the necessary skills to perform internal audits on an organization’s Information Security Management Systems (ISMS) and to contribute to their continual improvement. The training helps you identify and control the threats an organization faces from any information security controls lapses and how to effectively put in place measures to address those risks. OBJECTIVE On training completion you will be able to:

1. Understanding the application of an information security management system in the ISO 27001 : 2005 context.
2. Understanding the relationship between the information security management system, including the management of risks and controls, and the various stakeholders.
3. Acquiring the expertise to support an organization in implementing, managing and maintaining an ISMS as a part of internal audit department
4. Acquiring the personal skills and knowledge necessary to be an internal auditor

MATERI Introduction to the management of an ISMS based on ISO 27001

• Introduction to management systems: process approach & information security
• Introduction to ISO 27001 family standards
• ISO 27001:2005 – Requirements
• Annex A – Control objectives and controls

Internal Auditing Techniques and Method

• Audit : Purpose, responsibilities and personal attributes
• Risk management : risk identification, risk analysis and risk treatment
• Audit activities: Initiation, preparation, implementing, finalization techniques
• Implementing a documentation management & report framework
• Exercises and case studies