Business Continuity Management System

ISO/IEC 27001 Information Security Management Systems and ISO 22301 Business Continuity Management System Internal Auditor Training

Be well equipped to conduct internal audits for ISMS and BCMS

Be well equipped to conduct internal audits for ISMS and BCMS

ABOUT THE ISO/IEC 27001 AND ISO 22301 INTERNAL AUDITOR COURSE 

This comprehensive training program covers two critical areas for organisations: Information Security Management and Business Continuity Management. Participants will gain a deep understanding of the requirements for establishing, implementing, maintaining, and continually improving an information security management system and a business continuity management system.

Our ISO/IEC 27001:2022 Internal Auditor Training course covers the key principles of information security management, the requirements of ISO/IEC 27001:2022 certification standard, and its relation to the ISO 27000 series of standards for information security management. Participants will learn how to conduct internal audit assessments and report their findings based on the principles of ISO 19011:2011.

The ISO 22301 Business Continuity Management System (BCMS) Internal Auditor Training course provides participants with the knowledge and skills to plan and perform effective internal audits on the ISO 22301:2019 BCMS. Participants will also learn how to report audit findings clearly and undertake effective follow-up audits on corrective actions taken to ensure continual improvement.

Participants will gain the expertise needed to protect their organisations’ information assets and maintain business continuity in the face of unexpected and disruptive incidents.

Duration: 4-day course (2-day for ISO/IEC 27001 Internal Auditor course & 2-day for ISO 22301 Internal Auditor course)
Language: English

WHAT WILL YOU LEARN FROM THE COURSE?

At the end of this course, participants will be able to:

  • Gain an understanding of the ISO/IEC 27001:2022 requirements
  • Prepare, conduct and follow-up on ISO/IEC 27001:2022 audit activities
  • Gain the skills to assess an organisation’s capability to manage its ISMS
  • Prepare, conduct and follow-up on ISO 22301:2019 audit activities
  • Gain the skills to assess an organisation’s capability to manage its BCM system
  • Write factual audit reports

Topics to be covered in this course include:

 

  • ISO/IEC 27001:2022 Information Security Management Systems Internal Auditor course
    • Introduction to information security management systems 
    • Key changes in ISO 27001:2013 vs ISO 27001:2022
    • Objectives and benefits of an ISMS
    • Key Principles and Concepts of the ISMS
    • Code of practice ISO/IEC 27001:2022
    • Certification specification ISO/IEC 27001:2022
    • Certification to ISO/IEC 27001:2022
    • The ISO 27000 series of standards
    • Essentials of the Standard
    • The ISMS Audit Planning
    • The ISMS Audit Preparation
    • Conducting an ISMS Audit
    • Recording the results
    • Root Cause Identification
    • Presenting reports
    • Conducting Audit Follow-Up
  • ISO 22301:2019 Business Continuity Management Systems Internal Auditor course
    • Introduction and background to Business Continuity Management
    • Fundamentals of Security and Resilience – Business Continuity Management System, and overview of ISO 22301:2019 requirements
    • ISO 22301 BCM Framework
    • Scope of Business Continuity Management Systems (BCMS)
    • Leadership, Planning, and Support
    • Operation – BIA and RA, BC Strategy and Solutions, BC Plans and Procedures, Exercise Programme
    • Performance Evaluation & Improvement
    • Audit Process Overview
    • Management System Audit
    • Audit Planning and Preparation
    • Formulating Checklist
    • Conducting the Audit, and Audit Reporting & Follow-Up

WHAT IS THE COURSE METHODOLOGY?

 Participants will learn through lectures, case studies, group exercises and discussions.

WHO SHOULD TAKE THE COURSE? 

This course is specially designed for:

  •  Managers or executives responsible for the security and confidentiality of their business-critical information
  • Those people who wish to understand and conduct internal audit assessments to the ISO 27001:2022 certification standard and its relation to the emerging ISO 27000 series of standards for information security management
  • Managers, Advanced IT & Quality Professionals, Management Representatives
  • Internal Auditors, Business Continuity Management & Team Members involved in organisation-wide Business Continuity Management implementation, testing and exercising, assessment and evaluation of plans periodically.
  • This course is also suitable for any Managers or Executives in Organisations providing essential services.

Prerequisite: None

WHO IS THE COURSE ADVISOR?

The course content and structure are designed by the domain experts from TÜV SÜD.

With immense experience and knowledge in the relevant standards, our team of product specialists and technical experts at TÜV SÜD, developed the course content based on current business landscape and market requirements.

 

FREQUENTLY ASKED QUEStIONS

Next Steps

Site Selector