Course Outline

I. Information Security Management System compliant with the requirements of ISO 27001
1. Elements of the Information Security Management System according to ISO 27001
2. Exercises in interpreting and analysing the requirements of ISO 27001

II. Audits – general information
1. Entire audit
2. Types of audits

III. Audit planning and preparation
1. Audit criteria and scope
2. Selection of a team of auditors
3. Process approach to internal audits
4. Important Aspects When Creating a Control Question List
5. Practical exercises

IV. Conducting an audit – rules for conducting an on-site audit
1. Auditing techniques
2. Objective evidence
3. Identification of non-conformities and the ability to demonstrate them
4. Practical exercises

V. Documenting audit results
1. Skilful formulation of inconsistencies
2. Documenting non-conformities
3. Identifying and documenting insights and potential for improvement
4. Summary of Audit Results – Audit Report
5. Practical exercises

VI. Effective post-audit activities
1. Responsibilities related to the initiation of corrective and corrective actions
2. The Importance of Precisely Determining the Causes of Non-Conformity
3. Define corrective actions
4. Evaluation of the effectiveness of actions
5. Post-audit activities in relation to insights and potentials for improvement
6. Practical exercises

VII. Discussion and summary

Requirements

Audience

  • Persons preparing for the position of Internal Auditor 27001:2023
  • Anyone interested in the topic
 35 Hours

Provisonal Upcoming Courses (Contact Us For More Information)