ISO 27001 is the recognised international standard for best practice in information security management systems (ISMS) within any organisation. The ISO 27001 Auditor course will prepare you to plan and execute audits of information security management systems in line with the international standard ISO/IEC 27001.
Using the most recent version ISO 27001, this training is based on management system audit guidelines (ISO 19011:2002) as well as international audit best practices: the International Federation of Accountants (IFAC), the American Institute of Certified Public Accountants (AICPA), the Information Systems Audit and Control Association (ISACA) and the Institute of Internal Auditor (IIA). An audit kit developed by experienced auditors will be distributed to participants. ISO/IEC 27001 (ISO 27001) is an international standard for Information Security management. It provides a model to establish, implement, maintain and continually improve a risk-managed Information Security Management System (ISMS).
The ISO 27001 Auditor course covers the international standard published by the International Standardization Organization (ISO), that describes how to manage information security in a company. ISO 27001 can be implemented in any kind of organization, profit or non-profit, private, small or large government owned. It was written by the world’s best experts in the field of information security and provides methodologies for the implementation of information security management in an organization. It also enables companies to become certified, which means that an independent certification body has confirmed that an organization has implemented information security compliant with ISO 27001.
The standard forms the basis for effective management of sensitive, confidential information and for the application of information security controls. An organization that conforms to the ISO 27001 standard possesses clear, objective proof of its commitment to continued improvement of control over its sensitive and confidential information.
ISO 27001 therefore provides reassurance to sponsors, shareholders and customers that the organization has expert control over its risk management and data security. Due to the diversity of different organizations’ information assets – the ISO 27001 standard is adaptable according to an organization’s requirements. The design and implementation of the ISMS is tailored to the organization’s objectives, information assets, operational processes, governing legal requirements and regulatory security requirements.
At the end of this training, you will participate in the ISO 27001 Auditor examination, which is delivered under the accreditation from APMG International.