ISO 27001 Internal Auditor & Implementer Training Course

ABOUT THE ISO/IEC 27001 INFORMATION SECURITY MANAGEMENT SYSTEMS INTERNAL AUDITOR AND IMPLEMENTER Training COURSE

In today's digital age, the protection of information has become crucial for any organization's success. A security breach can lead to a tarnished reputation, loss of revenue, and other severe consequences.

The internal auditor course starts with an overview of Information Security Management System (ISMS) and the ISO/IEC 27001:2022 certification standard. We will also delve into its relation to the ISO 27000 series of standards for information security management. This course is based on the principles of ISO 19011:2011 and is designed for those who wish to conduct internal audit assessments to the ISO/IEC 27001:2022 certification standard.

Following the internal auditor module, we offer training on ISO/IEC 27001 ISMS implementer. This training course is structured to provide a detailed understanding of the requirements specified in the ISO/IEC 27001:2022 standard for establishing, implementing, maintaining, and continually improving an ISMS tailored to the needs of the organisation.

Duration: 6-day course (2-day for ISO/IEC 27001 Internal Auditor course & 4-day for ISO/IEC 27001 Implementer course)
Language: English

Note: SGTech members can apply for course funding under STAR FUND 2.0 and receive up to S$500/pax funding. Please refer to FAQ for more details.

WHAT WILL YOU LEARN FROM THE COURSE?

At the end of this course, participants will be able to:

To gain an understanding of the ISO/IEC 27001:2022 requirements
Prepare, conduct and follow-up on ISO/IEC 27001:2022 audit activities
Gain the skills to assess an organisation’s capability to manage its ISMS
Write factual audit reports
Understand ISMS terminology and key elements of information security management
Learn the Plan-Do-Check-Act (PDCA) approach
Know more about processes and their interconnections
Gain valuable insights to the management with regards to ISMS implementation.

Topics to be covered in this course include:

ISO/IEC 27001:2022 Information Security Management Systems Internal Auditor course
- Introduction to information security management systems
- Key changes in ISO 27001:2013 vs ISO 27001:2022
- Objectives and benefits of an ISMS
- Key Principles and Concepts of the ISMS
- Code of practice ISO/IEC 27001:2022
- Certification specification ISO/IEC 27001:2022
- Certification to ISO/IEC 27001:2022
- The ISO 27000 series of standards
- Essentials of the Standard
- The ISMS Audit Planning
- The ISMS Audit Preparation
- Conducting an ISMS Audit
- Recording the results
- Root Cause Identification
- Presenting reports
- Conducting Audit Follow-Up
ISO/IEC 27001:2022 Information Security Management Systems Implementer course
- Understanding the purpose of an Information Security Management System by establish the context of the organization and the processes involved in establishing, implementing, maintaining and continually improving an ISMS.
- Key changes in ISO 27001:2013 vs ISO 27001:2022
- Understanding the mandatory documents and records required by the international standard
- Formulation of ISMS Scope and Statement of Applicability (SoA).Assist top management in formulating the Information Security Policy and Information Security Objectives that are aligned with the strategic direction of the organisation
- Establishing Risk Assessment and Risk Treatment methodology based on the context of the organisation and implementing the same
- Assist in establishing the internal audit program and management reviews within an organisation
- Understanding controls listed in Annex A of the standard and knowledge of implementing correct type of controls to mitigate risks
- Planning and Implementing ISMS
- Performance Evaluation, Monitoring and Measurement of an ISMS
- Continual Improvement of an ISMS
- Preparation for an ISMS Certification audit
- Conducting Internal audits and Management Review
- Corrective action and effectiveness of Corrective action
- Case studies

WHAT IS THE COURSE METHODOLOGY?

Participants will learn through lectures, case studies, group exercises and discussions.

WHO SHOULD TAKE THE COURSE?

This course is specially designed for:

IT and ITMS representatives of an organisation
Personnel responsible for implementing information security management system framework within an organisation.
Project managers or consultants responsible for establishing, implementing, maintaining, auditing and improving Information Security Management Systems within an organisation.
Top Management (IT Head, CISO etc.) and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
Those people who wish to understand and conduct internal audit assessments to the ISO 27001:2022 certification standard and its relation to the emerging ISO 27000 series of standards for information security management

Prerequisite: None

WHO IS THE COURSE ADVISOR?

The course content and structure are designed by the domain experts from TÜV SÜD.

With immense experience and knowledge in the relevant standards, our team of product specialists and technical experts at TÜV SÜD, developed the course content based on current business landscape and market requirements.

What are the benefits of enrolling in this course?
- World-class training – by learning from TÜV SÜD’s industry experts and training specialists
- Interactive learning style – with interactive formats such as lectures, illustrations and simulations are used
- Networking opportunity – where you can meet and build network with like-minded individuals at our instructor-led training
- Gain a competitive edge – by getting trained by experts known in the fields of safety, security and sustainability.

FREQUENTLY ASKED QUESTIONS

How do I enroll for the ISO/IEC 27001 Information Security Management Systems Internal Auditor and Implementer Training course?

To enroll, please fill out the form on the webpage accordingly.
What is the ISO/IEC 27001 Information Security Management Systems Internal Auditor and Implementer Training course methodology?

Participants will learn through role plays, case studies, group exercises, scenarios and discussions.
Are there any tests in the middle of the ISO/IEC 27001 Information Security Management Systems Internal Auditor and Implementer Training course?
There are no in-between assessments, but case studies will be included in the ISO/IEC 27001 Information Security Management Systems Internal Auditor and Implementer Training course.
Can I get a refund if I cancel my enrollment?
Yes, please contact us at [email protected] for more details. Terms and conditions apply.
I would like to register for the course as a SGTech member, how much funding am I eligible for and how can I apply for the funding for this course?

An SGTech member is eligible for up to S$500 per pax per training programme. A SGTech member company can send the same employee to five different training programmes and thus claim a total of S$2,500 worth of training support per employee. However, the maximum number of claims an applicant company can make per qualifying period will be capped at 5.

SGTech member can apply for the funding following the below steps:

1. Please submit a Request for Support on Training on SGTech website here (see Item II, section 1, 2, and 3).
2. Upon application approval by SGTech, you may register and make payment for the course with TÜV SÜD accompanied with your proof of membership
3. Upon completion of the training programme, please submit to SGTech: the proof of training completion form (see Item II, section 3) and proof of payment to TÜV SÜD.
4. SGTech will make the fund pay-out to the applicant.
Can I also attend E-learning courses on top of attending the ISO/IEC 27001 Information Security Management Systems Internal Auditor and Implementer Training course?
Yes, you can register to any e-learning courses. If you have special requirements, please contact us at [email protected] and we can customise a suitable package for you.
Upon completion of the ISO/IEC 27001 Information Security Management Systems Internal Auditor and Implementer Training, would I get a certificate of completion?

Yes, you will receive a certificate of completion at the end of the ISO/IEC 27001 Information Security Management Systems Internal Auditor and Implementer Training course.
Who developed the ISO/IEC 27001 Information Security Management Systems Internal Auditor and Implementer Training course and what are their qualifications?

The ISO/IEC 27001 Information Security Management Systems Internal Auditor and Implementer Training course content and structure are designed by the domain experts from TÜV SÜD. With immense experience and knowledge in the relevant standards, our team of product specialists and technical experts at TÜV SÜD, developed the ISO/IEC 27001 Information Security Management Systems Internal Auditor and Implementer Training course content based on current business landscape and market requirements. The experts also undergo relevant upskilling programmes, benefitting from TÜV SÜD’s 150 years of expertise and global heritage.