ISO27001
Information Security Management System
Internal Auditor Training
PURPOSE AND DURATION OF THE TRAINING:
A 3-day training aimed at equipping participants with the competence to conduct internal audits of the ISO27001:2013 standard within the organization. The training can be held on-site at the company location or in designated classrooms.
WHO SHOULD ATTEND:
- Employees involved in developing and implementing IT processes,
- Employees responsible for information security,
- IT Managers,
- Internal and External Auditors,
- IT Auditors,
- IT Quality Specialists,
- Anyone interested in gaining knowledge about ISO27001.
TRAINING CONTENT:
This training is essential for employees who will participate in annual audits of the Information Security Management System, review reports, and ensure periodic controls.
- Definitions
- Basic Principles of Information Security Management System
- Management of Documents and Records
- Planning, Managing, and Reporting by Audit Types
- Practical Training
- Audit Planning
- Preparation of Audit Question Lists (Standard and all Annex-A Controls)
- Conducting the Audit
- Handling Potential Issues During the Audit
- Grading of Audit Findings
- Audit Reporting and Follow-up
- Auditor Examination