ISO 27001:2013 Internal Auditor, 2 Days

The use of Information Security Management Systems (ISMS) and Internal Audits is a familiar concept to organisations wishing to focus upon improvement.  However, many organisations have lost sight of or failed to take advantage of the business benefits that can be obtained by understanding and embracing the recent breakthrough changes that have occurred in the design and interpretation of the Standards that make up the ISO 27000 family.

This course from TMS Insight (Global) Ltd brings its customers up to date with the latest tools and techniques which will allow auditors to bring the full business benefits that these changes can offer to their companies.  This includes Annexe A in ISO 27001 and ISO 19011.

The latest training materials and learning techniques are employed, delegates will gain access to examples of the latest techniques and how to use them.  Not only will this course cove the core skills of effective auditing, it will also show how the key elements of an effective ISMS should operate, integrate and interact with other core business processes.

Internal Auditor Training
This course is designed to ensure that you and your company have professional and competent staff who understand how to obtain lasting and significant improvements to your ISMS.

It is also designed to ensure they have access to examples of best practice when auditing, how auditing relates to continuous improvement and how to undertake the key stages of the audit cycle plan, conduct, report and follow up on the findings of an internal audit.

The Course Objectives
At the end of the course a participant will know how to;

• Describe the responsibilities of an auditor and the role of internal audits and external audits in the maintenance, improvement and certification of the ISMS.
• Explain the purpose and structure of ISO 27001:2017 reference PDCA and a process based management system.
• Plan and prepare for an audit.
• Gather objective evidence through observations, interview and sampling of documents and records.
• Write factual audit reports that improve the effectiveness of a management system.
• Suggest ways in which effectiveness of corrective action might be verified.

Those commissioning an in-house course can take advantage of the opportunity to undertake a ‘Live’ on-site Audit.

Duration:   2 days

Target Audience:  Personnel from all organisational functions, especially those involved in business improvement process performance and design, compliance and information management, performance monitoring, management and updating of the ISMS.

Prerequisites:   There are no major prerequisites to this course as all topics are taught from first principles.

ISO 27001:2013 Lead Auditor, 5 days

This is the premier standard in training for Auditors.  It takes the skills and knowledge of Auditors to the level necessary for conducting effective third part and external audits of Information Security Management Systems (ISMS).

The course is challenging and highly participative.  It involves the use of advanced learning techniques inall of the group sessions.  it is designed to stretch the delegates and the tutor, such that everyone involved gets the most from the event.

The course also features a range of scenarios that a Lead Auditor will experience and helps them to understand how to interpret these situations in an auditing environment.  The scenarios are drawn from ‘real-life’ situations and are designed to challenge the delegates concepts of quality and interpretation of ISO 27001:2013.

Those commissioning an in-house course can take advantage of the opportunity to undertake a ‘Live’ on-site Audit.

The course culminates in a formal examination and the issuing of certificates to the successful candidates.

The Course Objectives
By the end of the course, a participant will;

• Have experienced each stage of planning, preparation, conducting and reporting of a first, second or third part audit.
• Understand how to deploy and manage a team of auditors.
• Have experienced a range of scenarios designed to expand their knowledge and interpretation of ISO 27001:2013 and how to assess the diverse elements of an ISMS.
• The ability to assess and evaluate disparate examples of auditing situations and to interpret their impact on compliance with the relevant parts of ISO 27001:2013.
• Have experienced all stages of conducting and reporting a live audit.
• Have undertaken ‘Live’ or realistic role-played opening and closing meetings with host company representatives.
• Have a complete evidence portfolio of a live audit.

Duration:  5 Days

Target Audience:  Any personnel involved in internal audits, but specifically those involved in second party (supplier) or third party (certification) audits.

Prerequisites:   Some knowledge of the ISO management system model would be advantageous, as would a basic understanding of ISO 27001:2013 in particular.  However, these are not essential prerequisites for attendance.