ISO 27001:2013 Internal Auditor – Onsite Only

Description

This onsite 2.5-day Internal Auditor course explains the requirements of the ISO 27001:2013 information security management system standard and conveys the principles and practices of effective auditing.

The 1.5-day Requirements module covers every ISO 27001:2013 requirement. Class workouts and team activities are provided at the end of each major clause to reinforce the application of the requirements. The answer keys for these exercises are included at the back of the student book.

The 1.0-day Auditing module covers the concepts, methods, and techniques in the ISO 19011:2011 Auditing Guidelines standard. Exercises on checklists, interviews, and writing nonconformities are included. The answer keys for these exercises are provided at the back of the student book.

Learning Objectives

Upon completion of this course, students should be able to:

  • Explain information security concepts
  • Interpret ISO 27001:2013 requirements
  • Identify the required documentation
  • Understand internal auditor responsibilities
  • Apply ISO 19011:2011 auditing guidelines
  • Recognize audit principles and practices
  • Conduct all the phases of an internal audit
  • Prepare effective audit reports

Audience

This course is intended for anyone responsible for conducting, managing, or participating in information security management system audits. Students may be senior managers, quality managers, security managers, implementation teams, and new internal auditors.

Outline – Requirements

  • Concepts
  • Annex SL
  • Clause Structure
  • Requirement Grouping
  • ISO 27001 Family of Standards
  • Plan-Do-Check-Act
  • Context of the Organization (4.1 – 4.4)
  • Class Workout
  • Team Activity
  • Leadership (5.1 – 5.3)
  • Class Workout
  • Team Activity
  • Planning (6.1 – 6.3)
  • Class Workout
  • Team Activity
  • Support (7.1 – 7.5)
  • Class Workout
  • Team Activity
  • Operation (8.1 – 8.3)
  • Class Workout
  • Team Activity
  • Performance Evaluation (9.1 – 9.3)
  • Class Workout
  • Team Activity
  • Improvement (10.1 – 10.2)
  • Class Workout
  • Team Activity
  • Annex A.5 through A.18
  • Team Activity

Outline – Auditing

  • Audit Concepts
  • Roles and Responsibilities
  • Audit Initiation
  • Class Workout
  • Document Review
  • Audit Preparation
  • Exercise: Checklists
  • Audit Execution
  • Class Workout
  • Exercise: Interviews
  • Nonconformity Writing
  • Exercise: Three Scenarios
  • Class Workout
  • Audit Reporting
  • Audit Completion
  • Corrective Actions
  • Audit Follow-up
  • Audit Principles
  • Audit Benefits

Handouts

  • Copy of Presentation Slides
  • Annex SL, Appendix 2
  • Clause Quick Reference
  • Audit Quick Reference
  • Internal Audit Procedure for Exercise
  • Corrective Action Forms for Exercise
  • Process Worksheet – Risk Version

Duration

2.5 days (1.5 days on Requirements and 1.0 day on Auditing)

Class Hours

Day 1: 8:30 AM – 4:30 PM
Day 2: 8:30 AM – 4:30 PM
Day 3: 8:30 AM – 12:00 PM

Fee

The all-inclusive price for the onsite course is $5000, plus $100 per student, plus instructor travel expenses. The class size should be at least 4 students and no more than 25 students.

Contact

If you have any questions about this course, please call us at 770-862-1766 or send an e-mail to [email protected].

Whittington & Associates

We are committed to providing expert training, effective consulting, and valuable auditing. If you have any questions about our services, please contact us at 770-862-1766, or [email protected].