making IT better!
MENU

Internal Auditor for an Information Security Management System based on ISO/IEC 27000

Enroll Now! or Contact Us!

The ISO/IEC 27000 Auditor course addresses the standard from an audit requirements point of view. It highlights the audit activities set by the ISO/IEC 19011 standard, and trains the participant to carry out audits in an organization that has implemented an information security management system based on ISO/IEC 27000.

The student who completes the course will have developed the capabilities needed to carry out internal audits of an information security management system.


Objectives

To provide the students with practical knowledge about the audit cycle and with the skills and knowledge for:

  • To carry out internal audits against the ISO/IEC 27001 requirements and the ISO/IEC 27002 controls, conducted according to ISO 19011 and contribute to the Information Security Management System continual improvement.
  • To describe referring to the Plan, Do, Check, Act (PDCA) cycle, the purpose, structure and requirements of ISO/IEC 27001 from an internal auditor point of view.
  • To describe the internal auditor responsibilities and to describe the role of internal audit in the management system improvement and maintenance.

Audience

This course is aimed to:

  • Internal and external service provider staff with a defined role of ISO/IEC 27000 or who have interest in these standards.
  • Management and staff of all corporate divisions, particularly quality management managers and individuals interested in carry out audits.

Note: It is expected that participants have Information Security System Management and ISO/IEC 27001 and ISO/IEC 27002 before attending the training course.


Prerequisites

It is recommended that the participant has obtained the Information Security Foundation based on ISO/IEC 27002 certificate and attended the IT Risk Management training course, but it is not mandatory if he/she has knowledge about ISO/IEC 27002 and IT Risks.


Exam

The certification exam has the following characteristics:

  • Its applied under customer request.
  • It does NOT issue any certification accredited by any ITSM organization.
  • Includes 60 multiple choice questions.
  • Has a duration of 105 minutes.
  • Is a closed book exam, using only the ISO/IEC 27001 and ISO/IEC 27002 standards as reference.
  • A minimum of 65% is required to approve.
  • Is a paper based exam.

Topics

The course has the following topics:

  1. Introduction
  2. Requirements for an Information Security Management System
  3. Basic Concepts of Auditing
  4. Planning Audit Programs for an ISMS
  5. Implementing Internal Audits for an ISMS
  6. Measuring, Monitoring and Reporting Internal Audits
  7. Improving Internal Audits for an ISMS
  8. Qualification Scheme
  9. Exam Description
  10. Review, Evaluation and Examination

Advantages offered by Global Lynx

Our instructors are certified in different ITSM, ISO, Information Security and Risk Management disciplines and have an extensive experience in:

  • The design and implementation of Information Security Management Systems in the private and in the public sector.
  • The selection, implementation and configuration of tools and controls which support the Information Security management and which are the ones of most standing and acknowledgement in the market.
  • First and second level audits for Information Security Management Systems.
  • Teaching various ITSM, ISO, Information Security and Risk Management courses in the academic and professional field.
The participant receives a high quality, didactic material in Spanish and English, accredited by EXIN (Examination Institute for Information Science).

Payment methods:

  • Check
  • Wire transfer
  • Credit card (via PayPal)

For more information about this training course (schedules, locations, costs, etc.) or any of the other IT training courses we offer, please contact us. We will be happy to assist you!

We can be flexible. Contact us to set a date that works for you! Ask for Team Discounts!