ONLINE TRAINING
Information Security Management System (ISO/IEC 27001:2013) Internal Audit Essentials
This course introduces the knowledge needed to audit and improve Information Security Management System (ISO/IEC 27001) within the organization. This course also explores the requirements of ISO/IEC 27001:2013 and particularly valuable for individuals directly involved in auditing.
By the end of the session, the participants will be able to:
- Plan, develop and implement an ISMS internal audit process appropriate to organization;
- Conduct audit with confidence, gathering objective evidence through observation, interviewing, and document trails to provide factual audit reports that will facilitate improvements towards the Information Security Management System;
- Understand the skills and techniques of auditing and how to communicate the findings of the audit effectively;
- Identify and understand the key requirements in ISMS (ISO/IEC 27001:2013).
Internal auditors, ISMS Implementers, Project Managers, IT Officers, Executives.
Module 1: Audit Concept
- Audit Definition
- Audit Objectives
- Audit Principles
- Framework (Plan, Execute, Report, Follow up)
- Audit Team Members
- Lead Auditor Responsibilities
- Audit Team Responsibilities
- Auditor Competencies
- Developing Audit Plan
- Type of Questions
- Audit Checklist
- Non-Conformance
- Writing Non-Conformance Report
- Writing Audit Report
- Correction vs Corrective Action
- Information Security Fundamentals
- Overview of ISO/IEC 27001:2013 Standard
- Overview of ISMS Clause Requirements
- Overview of ISMS Control Requirements
- Internal Audit Challenges
- Managing Audit Challenges
coming soon
Fee: MYR3,500.00 (subject to 8% SST)
Please click here to register.
Contact us to request for a quotation
18 CPD Point
Please submit the Certificate of Completion to Global ACE Certification at www.globalace.org
Please click here to download brochure
Have any inquiries? Check out the FAQ