Completion of this course fulfills all prerequisite training requirements for CIS exam #ISMS103.

Based upon the ISO 27001 related auditing standards ISO 27007:2011, 27008:2011, and 19011:2011, this course will provide an intensive overview of how to manage an internal audit of an organization's risk management program in along with its corresponding information securitymanagement system. This course will also provide valuable guidance on conducting the internal audits, on establishing and validating the competence of ISMS auditors, and will prepare you for your ISO 27001 Lead Auditor certification;exams required for the well-recognized ISO 27001 Lead Auditor professional certification. This advanced information security credential is the perfect way to complete your information security accomplishments started with ISO 27001 Lead Implementer and ISO 27001 Certified Internal Controls Architect.

This ISO 27001 Lead Auditor training and certification workshop provides thorough coverage of the Auditing the ISO 27001 Information Security Management System and related ISO 27000 standards, as preparing you for professional accreditation as a CIS Certified ISO 27001 Lead Auditor.

Covered topics include: 

• Auditing the Audit Function & Program
• Principles of auditing
• Managing an audit program
  • Establishing the audit program objectives
  • Establishing the audit program
  • Role and responsibilities of the person managing the audit program
  • Competence of the person managing the audit program
  • Determining the extent of the audit program
  • Identifying and evaluating audit program risks
  • Establishing procedures for the audit program
  • Identifying audit program resources
  • Implementing the audit program
  • Monitoring the audit program
  • Reviewing and improving the audit program
• Performing an audit
  • Initiating the audit
  • Preparing audit activities
  • Conducting the audit activities
  • Preparing and distributing the audit report
  • Completing the audit
  • Conducting audit follow-up
• Auditing the ISMS Scope, Policy, Risk Assessment Approach, and ISMS Implementation
  • ISO 27001 Audit Criteria
  • ISO 27005 Best Practices
  • ISO 27007 Evidence Collection Recommendations
• Auditing the ISMS Monitoring and Review
  • ISO 27001 Audit Criteria
  • ISO 27007 Evidence Collection Recommendations
• Audit the ISMS Documentation Fulfillment
  • ISO 27001 Audit Criteria
• Audit the ISMS Organization and Management Commitment
  • ISO 27001 Audit Criteria
  • ISO 27003 Best Practices
  • ISO 27007 Evidence Collection Recommendations
• Auditing ISMS Internal Audit against ISO 27001 Requirements
  • ISO 27001 Audit Criteria
  • ISO 27007 Evidence Collection Recommendations
  • Auditing Management Review
• An overview of using ISO TR 27008 to audit internal controls

Upon successful course completion, a dated certificate for 8 hours of CPE credit is issued to your name. The certificate can be viewed and downloaded from your online gradebook.

ISO 27001 Lead Implementer Information Security