ISO 27001 2022 Information Security Management Systems (ISMS) - Lead Auditor Course

Description

ISO/IEC 27001 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS) within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in ISO/IEC 27001 are generic and are intended to be applicable to all organizations, regardless of type, size or nature. The ISO 27001 2022 lead auditor training course will teach you how to initiate an audit, prepare and conduct audit activities, compile and distribute audit reports and complete follow-up activities. On successful completion of this course, you will be able to apply your auditing skills against the internationally recognized ISO 27001 2022 standard and strengthen your audit capabilities, gaining confidence in planning and performing an effective audit, reporting on it and taking corrective action where necessary. The course develops the skills needed to assess and report on the conformance and implementation of processes based on ISO 27001 2022.
Who Should Attend?
- Anyone involved in the planning, implementing, maintaining, supervising or auditing of an ISO 27001 2022 information security management system
- Existing internal auditors
- Employees of any organisation who wish to audit their organisation’s information security management system
- Trainers, managers or consultants seeking to master an information security management system audit process
- Personnel who wish to pursue a career as an ISO 27001 2022 management system auditor
- Expert advisors in information security management
Key Benefits
- Develop a career as an ISO 27001 2022 information security management system lead auditor
- Gain the skills to plan, conduct, report and follow up first-, second- and third-party audits in accordance with ISO 19011
- Learn skills to lead an audit team
- Identify the aims and benefits of an ISO 27001 2022 audit
- Interpret ISO 27001 2022 requirements for audit application
- Grasp the application of risk-based thinking, leadership and process management
- Understand the relationship between ISO 27001 2022 and other standards and regulatory frameworks
- Learn the latest ISO 27001 2022 lead auditor techniques
- Consolidate your expertise with the latest developments and contribute to the continuous improvement of the business
Learning & Evaluation Method
This is a live and interactive course. Once you purchase the course, our team will contact you to plan the training. Wherever you are located, we schedule the classes around your availability and time zone. You can attend the training in sessions of 4 or 8 hours, depending on how much time you can spend in a day.
Certification
An increasing number of organizations prefer candidates who hold certifications from recognized programs. Certification demonstrates your commitment to professionalism, upholding industry standards and continued learning. These merits can boost your professional credibility and standing within your own network, in your organisation, with your current clients, and when pursuing new business opportunities. After successful completion of the course and the final exam, you will be awarded a certificate of completion issued by QGlobal. Your credentials will be listed in the global online directory and can be verified by anyone searching with the certificate number. Our training courses are well recognized and sought after by organizations across many geographies.
Buy for Group
Are you planning to buy this course for a group? We have the best prices for you! Select the ‘Buy for Group’ option and add it to the cart. You will get a discount of 60 – 75% for a group of up to 10 participants. To make a group purchase, create your group name and add the individual emails of up to 10 participants. Each participant will get access to the course materials, the exam and the certificate. We will arrange one live-online session for the entire group.
Curriculum
1. Introduction to standards and certification
- Purpose of standardization
- Benefits of certification
2. Introduction to ISO 27001 2022 standards
- Introduction to ISO 27001 standards
- Scope of ISO 27001 standards
- Key benefits of implementing ISO 27001 standards
3. ISO 27001 Context of the organization
- Understanding the organization and its context
- Understanding the needs and expectations of interested parties
- Determining the scope of the information security management system
- Information security management system and its processes
4. ISO 27001 Leadership
- Leadership and commitment
- Policy
- Organizational roles, responsibilities and authorities
5. ISO 27001 Planning
- Actions to address risks and opportunities
- Information security objectives and planning to achieve them
6. ISO 27001 Support
- Resources
- Competence
- Awareness
- Communication
- Documented information
7. ISO 27001 Operation
- Operational planning and control
- Information security risk assessment
- Information security risk treatment
8. ISO 27001 Performance evaluation
- Monitoring, measurement, analysis and evaluation
- Internal audit
- Management review
9. ISO 27001 Improvement
- Nonconformity and corrective action
- Continual improvement
10. ISO 27001 Information security controls
- Lifecycle considerations while implementing the information security controls
25. ISO 27001 2022 A5 Organizational controls
- A5.1 Policies for information security
- A5.2 Information security roles and responsibilities
- A5.3 Segregation of duties
- A5.4 Management responsibilities
- A5.5 Contact with authorities
- A5.6 Contact with special interest groups
- A5.7 Threat intelligence
- A5.8 Information security in project management
- A5.9 Inventory of information and other associated assets
- A5.10 Acceptable use of information and other associated assets
- A5.11 Return of assets
- A5.12 Classification of information
- A5.13 Labelling of information
- A5.14 Information transfer
- A5.15 Access control
- A5.16 Identity management
- A5.17 Authentication information
- A5.18 Access rights
- A5.19 Information security in supplier relationships
- A5.20 Addressing information security within supplier agreements
- A5.21 Managing information security in the ICT supply chain
- A5.22 Monitoring, review and change management of supplier services
- A5.23 Information security for use of cloud services
- A5.24 Information security incident management planning and preparation
- A5.25 Assessment and decision on information security events
- A5.26 Response to information security incidents
- A5.27 Learning from information security incidents
- A5.28 Collection of evidence
- A5.29 Information security during disruption
- A5.30 ICT readiness for business continuity
- A5.31 Legal, statutory, regulatory and contractual requirements
- A5.32 Intellectual property rights
- A5.33 Protection of records
- A5.34 Privacy and protection of PII
- A5.35 Independent review of information security
- A5.36 Compliance with policies, rules and standards for information security
- A5.37 Documented operating procedures
26. ISO 27001 2022 A6 People controls
- A6.1 Screening
- A6.2 Terms and conditions of employment
- A6.3 Information security awareness, education and training
- A6.4 Disciplinary process
- A6.5 Responsibilities after termination or change of employment
- A6.6 Confidentiality or non-disclosure agreements
- A6.7 Remote working
- A6.8 Information security event reporting
27. ISO 27001 2022 A7 Physical controls
- A7.1 Physical security perimeters
- A7.2 Physical entry
- A7.3 Securing offices, rooms and facilities
- A7.4 Physical security monitoring
- A7.5 Protecting against physical and environmental threats
- A7.6 Working in secure areas
- A7.7 Clear desk and clear screen
- A7.8 Equipment siting and protection
- A7.9 Security of assets off-premises
- A7.10 Storage media
- A7.11 Supporting utilities
- A7.12 Cabling security
- A7.13 Equipment maintenance
- A7.14 Secure disposal or re-use of equipment
28. ISO 27001 2022 A8 Technological controls
- A8.1 User endpoint devices
- A8.2 Privileged access rights
- A8.3 Information access restriction
- A8.4 Access to source code
- A8.5 Secure authentication
- A8.6 Capacity management
- A8.7 Protection against malware
- A8.8 Management of technical vulnerabilities
- A8.9 Configuration management
- A8.10 Information deletion
- A8.11 Data masking
- A8.12 Data leakage prevention
- A8.13 Information backup
- A8.14 Redundancy of information processing facilities
- A8.15 Logging
- A8.16 Monitoring activities
- A8.17 Clock synchronization
- A8.18 Use of privileged utility programs
- A8.19 Installation of software on operational systems
- A8.20 Networks security
- A8.21 Security of network services
- A8.22 Segregation of networks
- A8.23 Web filtering
- A8.24 Use of cryptography
- A8.25 Secure development life cycle
- A8.26 Application security requirements
- A8.27 Secure system architecture and engineering principles
- A8.28 Secure coding
- A8.29 Security testing in development and acceptance
- A8.30 Outsourced development
- A8.31 Separation of development, test and production environments
- A8.32 Change management
- A8.33 Test information
- A8.34 Protection of information systems during audit testing
29. LI 01 Building the team
30. LI 02 Conducting gap analysis
31. LI 03 Preparing implementation plan
32. LI 04 Creating awareness
33. LI 05 Conducting training
34. LI 06 Procuring documents
35. LI 07 Creating management system manual
36. LI 08 Creating policies and procedures
37. LI 09 Creating forms and templates
38. LI 10 Planning for certification
39. LI 11 Implementation methodology
- Building the culture
- Plan-Do-Check-Act
40. LI 12 Role of leadership in implementing the management system
- Leadership concepts
- Role of leaders in implementing the management system
- 12 Characteristics of team leaders and managers
41. LI 13 Employee motivation and involvement
- Employee wants
- Achieving a motivated workforce
42. LI 14 Obstacles in implementing the management system
- Inability to manage the change
- No planned review of the system
- Inadequate planning
- Not aligning the goals and metrics
- Poor commitment from top management
- Differences between departments and individuals
- Lack of awareness and not providing continuous training
- Poor documentation
- Inadequate monitoring, measuring and analysis of data and results
- Not paying attention to internal and external customers
- Failure to continually improve
- Failure to motivate and empower employees
43. Introduction to ISO 19011 2018 Guidelines for auditing management systems
- Scope
- Normative references
- Terms and definitions
44. ISO 19011 Principles of auditing
45. ISO 19011 Managing an audit program
- Establishing audit programme objectives
- Determining and evaluating audit programme risks and opportunities
- Establishing the audit programme
- Roles and responsibilities of the individual(s) managing the audit programme
- Competence of individual(s) managing audit programme
- Establishing extent of audit programme
- Determining audit programme resources
- Implementing audit programme
- Defining the objectives, scope and criteria for an individual audit
- Selecting and determining audit methods
- Selecting audit team members
- Assigning responsibility for an individual audit to the audit team leader
- Managing audit programme results
- Managing and maintaining audit programme records
- Monitoring audit programme
- Reviewing and improving audit programme
46. ISO 19011 Conducting an audit
- Initiating audit
- Establishing contact with auditee
- Determining feasibility of audit
- Preparing audit activities
- Performing review of documented information
- Audit planning
- Assigning work to audit team
- Preparing documented information for audit
- Conducting audit activities
- Assigning roles and responsibilities of guides and observers
- Conducting opening meeting
- Communicating during audit
- Audit information availability and access
- Reviewing documented information while conducting audit
- Collecting and verifying information
- Generating audit findings
- Determining audit conclusions
- Conducting closing meeting
- Preparing and distributing audit report
- Preparing audit report
- Distributing audit report
- Completing audit
- Conducting audit follow-up
47. ISO 19011 Competence and evaluation of auditors
- Determining auditor competence
- Personal behavior
- Knowledge and skills
- Achieving auditor competence
- Achieving audit team leader competence
- Establishing auditor evaluation criteria
- Selecting appropriate auditor evaluation method
- Conducting auditor evaluation
- Maintaining and improving auditor competence