
Course Synopsis

INFORMATION SECURITY MANAGEMENT SYSTEMS


AUDITOR/LEAD AUDITOR TRAINING COURSE
Ref: ISMS LAC
Duration: 5 days
This course is certificated by IRCA (Course No. A17279)
Objectives/Benefits

Upon completion of this Course, delegates will be able to:

- explain the purpose of an information security management system (ISMS) and explain the processes involved in establishing, implementing, operating and monitoring, reviewing and improving an ISMS as defined in ISO 27001, including the significance of these for ISMS auditors;
- explain the purpose, content and interrelationship of ISO 17799 and ISO 19011, ISO/IEC TR 13335 Parts 3 and 4 (GMITS), EA 7/03 and the legislative framework relevant to an ISMS;
- explain the role of an auditor to plan, conduct, report and follow up an ISMS audit in accordance with ISO 19011;
- interpret the requirements of ISO 17799 and EA 7/03 in the context of an ISMS audit;
- undertake the role of an auditor to plan, conduct, report and follow up an audit in accordance with ISO 19011.

Profile

The objective of each Course is to equip delegates with the knowledge and skills required to perform audits of information security management systems against the national and international specifications, standards, statutory requirements and regulations using the principles of ISO 19011.

The course is not intended to be an implementers' course, and delegates are expected to have some prior experience of information security management systems and of ISO 27001.

The course duration is 40 hours including a two-hour written examination. Delegates may need to work late on days over the week.
Delegates will be graded on the basis of:

- a continuous assessment of their performance against the Course objectives;
- their marks obtained in the written examination.

To successfully complete the Course, delegates must obtain at least:

- a Pass Grade in the continuous assessment;
- 70% of the total marks available in the examination.

www.dckonsultan.com

COURSE TIMETABLE

DAY 1

08.45 COURSE REGISTRATION
09.00 COURSE INTRODUCTION: Overview of Course
Session 1: Introduction of Information Security Management Systems
Workshop 1: Information security concepts
Session 2: ISO 27001:2005 overview and clause 4
Workshop 1: Feedback
Session 3: Risk assessments; tools and techniques
13.00-14.00 Lunch
Workshop 2: Risk assessment
Workshop 2: Feedback
Session 4: ISO 27001:2005, clause 5, 6, 7, 8 and Annex A
Workshop 3: Audit evidence
Workshop 3: Feedback
18.30 End of Day 1

There will be a break of 15 minutes mid-morning and mid-afternoon.

DAY 2

09.00 Recapitulation
Session 5: Process-based ISMS
Workshop 4: ISMS audit questionnaire
Session 6: Registration, certification and auditor competence
Workshop 4: Feedback
13.00-14.00 Lunch
Session 7: Audits: definition, principles, types
Session 8: Audit planning
Workshop 5: Planning the audit
Workshop 5: Feedback
Workshop 6: Document review
18.30 End of Day 2

There will be a break of 15 minutes mid-morning and mid-afternoon.

DAY 3

09.00 Recapitulation
Workshop 6: Feedback
Session 9: Preparing for the audit
Workshop 7; Part 1: Audit role play
    Preparing for the audit; development of working documents
Session 10: Conducting the audit
13.00-14.00 Lunch
Session 11: Audit review
Workshop 8: Interpretation of the Standard;
    Classification of findings / finding statements / CARs
Session 12: Audit reporting and follow-up
Role Play: Demonstration of closing meeting
Workshop 8: continued
18.30 End of Day 3

There will be a break of 15 minutes mid-morning and mid-afternoon.

DAY 4

09.00 Recapitulation
Workshop 8: Feedback
Workshop 9: Case study
    Briefing and distribution of final case studies
Workshop 7; Part 2: Audit Role Play
    Conduct of the audit; feedback and group discussion
13.00-14.00 Lunch
Workshop 7; Part 2: continued
Workshop 9: continued
Examination review
    Specimen Exam Paper; key elements of course learning objectives
Workshop 9: continued
18.30 End of Day 4

There will be a break of 15 minutes mid-morning and mid-afternoon.

DAY 5

09.00 Recapitulation
Workshop 9: Case study presentations
    Presentations in accordance with the formal closing meeting format and content. Each team member has a shared responsibility in presenting the results of an analysis of the assigned information security management system.
13.00-14.00 Lunch
Course review and summary
14.30 WRITTEN EXAMINATION
16.30 End of Course

There will be a break of 15 minutes mid-morning.

NB: All Course times are approximate.
