Course Outline
I. Introduction to Information Security
1. Systemic information security management
2. Benefits and added value for the organization
II. Overview of ISO 27001 requirements
1. What are the requirements of the standard?
2. What should you pay special attention to?
3. Identification of documentation requirements
4. Overview of Annex A
III. Information Security Management System compliant with the requirements of ISO 27001
1. Elements of the Information Security Management System according to ISO 27001
2. Exercises in interpreting and analysing the requirements of ISO 27001
IV. Audits – general information
1. Introduction to Audit
2. Entire audit
3. Audit criteria
4. Types of audits
V. Audit planning and preparation
1. Audit criteria and scope
2. Selection of a team of auditors
3. Process approach to internal audits
4. Important Aspects When Creating a Control Question List
5. Conducting an audit according to ISO 19011:2018
6. Practical exercises
VI. Conducting an audit – rules for conducting an on-site audit
1. Auditing techniques
2. Objective evidence
3. Identification of non-conformities and the ability to demonstrate them
4. Competencies of a lead auditor
5. Practical exercises
VII. Documenting audit results
1. Skilful formulation of inconsistencies
2. Documenting non-conformities
3. Identifying and documenting insights and potential for improvement
4. Summary of Audit Results – Audit Report
5. Practical exercises
VIII. Effective post-audit activities
1. Responsibilities related to the initiation of corrections and corrective actions
2. The Importance of Precisely Determining the Causes of Non-Conformity
3. Define corrective actions
4. Evaluation of the effectiveness of actions
5. Post-audit activities in relation to insights and potentials for improvement
6. Practical exercises
IX. Discussion and summary
Requirements
Audience
- Individuals preparing for the position of Lead Auditor 27001:2023
- Anyone interested in the topic
Testimonials (3)
The quizzes to reinforce the reading and the ability to ask questions at any time
Jonathan
Course - ISO 9001 Lead Auditor
With both my 2022 ISO 9001 audit prep-related training & the recently completed ISO 9001 audit prep refresher course; Dereck has helped me significantly with regards to gaining a new & practical perspective of the ISO 9001:2015 clauses & sections & how they apply to our business. Dereck has also helped me with both training courses --- to improve my ISO-related communications both with our company's employees and the external ISO Auditors.
Dana Foster - Corrigan Oil Company
Course - ISO 9001 Foundation
I enjoyed the quizzes, and Driton's style of teaching.