Lead Auditor ISO/IEC 27001:2022 ISMS

The internationally recognized Information security Management System Standard (ISMS) has now been updated to its latest ISO/IEC 27001:2022 version.

ISO/IEC 27001:2022 Information security Management System has proven to be highly beneficial for all types of organizations regardless of their type or size, since confidential data exist in all kinds of businesses and cyber-attacks become more common every day. Leaving this information exposed can be a serious threat to organizations’ stability. ISO/IEC 27001:2022 standard sets the grounds for the security of such information and is thus highly beneficial for the protection of an organization.

Gain the knowledge and skills to audit and improve your company’s Information security management systems with our Lead Auditor ISO/IEC 27001:2022 ISMS course.

Course Overview
Course Outline
Learning and Teaching
Assessment and Certification

Aims & Objectives

Deliver the key requirements and benefits of ISO/IEC 27001:2022
Outline the steps towards effective Management of information security
Compare ISO/IEC 27001 towards previous version
Manage information security risks and hazards effectively
Provide the application of risk-based thinking, frameworks and process management
Present the key auditing techniques to plan, conduct and follow-up actions

Learning Outcomes

Having successfully completed this course you will be able to:

Learn the importance and benefits of an ISO/IEC 27001:2022 ISMS
Understand the key requirements, terms and definitions of ISO/IEC 27001:2022 ISMS and its structure
Grasp the application of business continuity-based thinking, leadership and process management, Plan-Do-Check-Act
Explain the role of an auditor to plan, conduct, report and follow up an audit in accordance with ISO/IEC 27001:2022 ISMS
Conduct effective audits in any auditing situation
Establish and plan the activities of an audit team
Communicate effectively with the auditee and audit client
Organise and direct audit team members
Prepare and complete the audit report
Use remote auditing methods

Who should attend?

Managers
Business professionals
Management system professionals
ISO Consultants
Information security, finance, customer care/support, R&D and IT personnel

Prerequisite skills & knowledge: None required

Available in-house/distant learning? Yes

Created by: LiberoAssurance Continuous Professional Development Training Centre

Part A Contents: ISO/IEC 27001:2012 Awareness

Overview

Management Systems
Goals of a Management System
ISO/IEC 27001:2022 Structure

Clauses 0-3

Introduction
Scope
Normative references
Terms and definitions

Context of the organization

Introduction to company’s context
Understanding the organization, its context and interested parties
Scope of the ISMS ISMS Processes

Leadership

Leadership and commitment
Information Security Policy
Organizational roles, responsibilities and authorities

Planning

Actions to address risks and opportunities
Information security objectives and planning to achieve them
Planning of changes

Support

Resources
Competence
Awareness
Communication
Documented information

Operation

Operational planning and control
Information security risk assessment
Information security risk treatment

Performance evaluation (Monitoring and Evaluation)

Monitoring, measurement, analysis and evaluation
Internal audit
Management review

Improvement

Continual improvement
Nonconformity & corrective action

Annex A

Example
ISO 27001 Project Plan

Part B: ISO 27001:2013 Lead Auditor

The Audit

What is an audit?
Why Audit?
Audit Types

Audit steps

Audit Plan
Developing Checklists
Opening Meeting
Conducting the Audit
Closing Meeting
Audit Report
Audit Follow-up Activities

Audit programme

Establishing the audit programme objectives
Identifying and evaluating audit programme risks and opportunities
Process flow for the management of an audit programme (Ref ISO 19011)
Managing an audit programme
Audit programme Implementation
Process of collecting and verifying information
Monitoring audit programme
Improving audit programme

Accreditation & Certification

Accreditation & Certification Bodies
Certification Process

Auditor’s Performance

Auditor’s Quality
The Auditors conduct
Auditor’s Code Conduct
Auditor Characteristics
Auditor's personal behavior
Auditee’s conduct
Selecting the audit team members
Skills of audit team leaders
How to evaluate an Auditor
Maintaining and improving auditor competence

Psychological factors during an audit

Attitudes and relationships
Obstacles and communication
Space and Time issues
Body language
Cultural factors
Principles of Listening
Questions & questioning

Audit tips and techniques

Tips to trained auditor
Question Technique
Competence of the audit programme manager

Exam & Certification

Exam for ISO/IEC 27001:2022 Lead auditor
ISO/IEC 27001:2022 Lead Auditor Certificate

Teaching Methods

Detailed seminar presentations
Terms and definitions
No. of slides: 205

Resources

Reading lists and resources available in presentations

Study time allocation

Private study hours: 24
Trainer contact hours: Availability and competence of instructors upon request
Enrollment Duration: 90 days (starting from the date of purchase)

Credits

CPD Points: 24
ECTS/ECVET Points: 0.8

Assessment methods	Hours	% contribution to final mark	% Minimum passing grade
Exam for ISO/IEC 27001:2022 Information Security Management System Lead Auditor	1	100	60
Outcomes/Certificates	On successful completion of the course assessment, participants will be issued with a ‘Certificate of Success’

   Non conformities - Real Examples
   Audit checklist
   Online examination-3 Attempts
   100% Online course
   CPD Accredited eCertificate – Global acceptance
   Downloadable course material
E-learning Mobile App
   Enrolment: 3 months
   Flexible schedule
   Language: English

280,00 € each

Add to cart