The use of Information Security Management Systems (ISMS) and Internal Audits is a familiar concept to organisations wishing to focus upon improvement. However, many organisations have lost sight of or failed to take advantage of the business benefits that can be obtained by understanding and embracing the recent breakthrough changes that have occurred in the design and interpretation of the Standards that make up the ISO 27000 family.
This 2 day course from TMS Insight training brings its customers up to date with the latest tools and techniques which will allow auditors to bring the full business benefits that these changes can offer to their companies. This includes Annexe A in ISO 27001 and ISO 19011.
The latest training materials and learning techniques are employed, delegates will gain access to examples of the latest techniques and how to use them. Not only will this course cover the core skills of effective auditing, it will also show how the key elements of an effective ISMS should operate, integrate and interact with other core business processes.
The course is designed to ensure that you and your company have professional and competent staff who understand how to obtain lasting and significant improvements to your ISMS.
It is also designed to ensure they have access to examples of best practice when auditing, how auditing relates to continuous improvement, how to undertake the key stages of the audit cycle and how to plan, conduct, report and follow up on the findings of an internal audit.
At the end of the course a participant will know how to:
- Describe the responsibilities of an auditor and the role of internal audits and external audits in the maintenance, improvement and certification of the ISMS.
- Explain the purpose and structure of ISO 27001:2017 reference PDCA and a process-based management system.
- Plan and prepare for an audit.
- Gather objective evidence through observations, interview and sampling of documents and records.
- Write factual audit reports that improve the effectiveness of a management system.
- Suggest ways in which the effectiveness of corrective action might be verified.
Those commissioning an in-house course can take advantage of the opportunity to undertake a ‘Live’ on-site Audit.
Personnel from all organisational functions, especially those involved in business improvement process performance and design, compliance and information management, performance monitoring, management and updating of the ISMS.
There are no major prerequisites to this course as all topics are taught from first principles.