Who will the Course Benefit?
The course can be taken by anyone who is pursuing a career in ethical hacking. The course helps you understand and gain hands-on-experience in identifying, counteracting and preventing IT security threats.
This fully accredited course equips you with the skills to conduct second-party (supplier) and third-party (external and certification) Information Security Management System audits. It covers the best-practice audit methodology based on ISO 19011 allowing you to master audit techniques.
At the end of the course you sit the ISO 27001 Certified ISMS Lead Auditor exam. You can demonstrate your professional and practical knowledge and expertise by registering your qualification on the GASQ successful candidate register.
This course is also accredited by the Chartered Institute of Information Security (CIISec), and satisfies the IISP Skills Framework requirements at Level 1: A1, A3, A7, C1, C2, D2, E3, F2, H1 and H2; and at Level 1+: A2, A4, A5, A6, B1, B2, D1, E1, E2, F1 and G1
This course will cover:
- An overview of the structure and major requirements of ISO/IEC 27001.
- An overview of the audit process used by certification bodies.
- The purpose, benefits and core principles of effective auditing.
- Common auditing terms and definitions.
- Critical skills required for performing an audit.
- Best-practice audit methodology based on ISO 19011.
- How to establish, maintain and manage an audit programme.
- How to plan, conduct, report, summarise and follow-up on an audit.
- Effective interviewing techniques and observation skills.
- How to use audits to identify nonconformities and ensure appropriate corrective action is taken.
- How to assess and evaluate the competence of auditors.
- Accredited certification audit specifics.
- How the audit process is used in first, second and third-party audits.
- How to apply continual improvement of the ISMS.
Attendees take the ISO 27001 Certified ISMS Lead Auditor (CIS LA), ISO 17024-certificated, exam set by IBITGQ at the end of the course.
This is a 90-minute multiple-choice online exam, consisting of 40 questions. Candidates need to achieve a minimum of 65% to pass.
Before joining this course, you need to have attended the ISO27001 Certified ISMS Foundation or ISO27001 Certified ISMS Lead Implementer training course or, you have a good working knowledge of ISO 27001 gained through practical experience.