ISO/IEC 27001:2013 INFORMATION SECURITY MANAGEMENT SYSTEMS AUDITOR/ LEAD AUDITOR (CQI IRCA) TRAINING

Learn to assess conformance to ISO/IEC 27001:2013 requirements

LIVE VIRTUAL TRAINING SCHEDULE

  • 7th - 11th December 2020: ISO/IEC 27001:2013 Information Security Management System Auditor / Lead Auditor Training (CQI IRCA 17791)
    9 am to 6 pm SGT | 5 Days
  • 22nd - 26th February 2021: ISO/IEC 27001:2013 Information Security Management System Auditor / Lead Auditor Training (CQI IRCA)
    9.30 am to 6.30 pm SGT | 5 Days
  • 26th - 30th April 2021: ISO/IEC 27001:2013 Information Security Management System Auditor / Lead Auditor Training (CQI IRCA)
    9.30 am to 6.30 pm SGT | 5 Days
  • 21st - 25th June 2021: ISO/IEC 27001:2013 Information Security Management System Auditor / Lead Auditor Training (CQI IRCA)
    9.30 am to 6.30 pm SGT | 5 Days

ABOUT THE COURSE

Information is a valuable asset, a building block and a key to the growth of any organization, and it needs to be suitably protected like any other important business asset. In the modern world this asset is crucial for success and for maintaining credibility.

If this asset is compromised, the organization may face various threats and risks such as brand image erosion, business disruption, and financial and productivity loss. Information security is the protection of information from a wide range of threats in order to ensure business continuity, minimize business risk, maximise return on investments and increase business opportunities.

The course will be conducted by our experienced lead auditors, who have audited numerous organizations. This intensive course is a key requirement in becoming a registered auditor / lead auditor. The course is structured to provide the knowledge and skills required to assess the Information Security Management System of an organization with respect to the requirements of the ISO 27001:2013 standard.

This comprehensive five-day course comprises case studies, training and role-plays to ensure that the participant thoroughly understands the role of an auditor / lead auditor and acquires the expertise needed to perform effective audits. Participants who successfully complete the course will be presented with a CQI-IRCA (International Register of Certificated Auditors) registered ‘Certificate of Successful Completion’.

Duration: 5-day course

WHAT WILL YOU LEARN FROM THE COURSE? 

  • Course objectives

    • Understanding the purpose of an Information Security Management System and the processes involved in establishing, implementing, maintaining and continually improving an ISMS.
    • Applying the PDCA approach to information security management processes.
    • Understanding the role and skills required by an auditor / lead auditor.
    • Understanding auditing concepts and principles. Planning, conducting and reporting audits in accordance with ISO 19011.

  • Course content

    1. ISMS concepts and ISO 27001 standard
    • ISMS concepts and benefits
    • Risk assessment and management
    • ISO 27001 process framework requirements
    • ISO 27001 standard requirements
    • ISMS documentation

    2. Auditing principles
    • Auditing objectives
    • Types of audits
    • Process approach

    3. Roles and responsibility of auditors
    • Auditors and lead auditors
    • The auditors’ responsibilities
    • The lead auditors’ responsibilities
    • Auditors’ qualification and certifications

    4. Planning an audit
    • Pre-audit planning
    • Reviewing documentation
    • Developing an audit plan
    • Preparing checklists or working documents
    • Communication factors

    5. Conducting an audit
    • Opening meeting
    • Collecting objective/audit evidence
    • Effective interviewing techniques
    • Identifying and recording nonconformities
    • Preparing for the closing meeting
    • Dos and Don’ts of auditing

    6. Reporting audit results
    • Conducting the closing meeting
    • Preparing the audit report
    • Distributing the audit report

    7. Corrective actions
    • Corrective action responsibilities
    • Follow up scheduling
    • Monitoring corrective action

    8. ISO 27001 registration
    • Choosing a registrar
    • The registration process
    • Surveillance audits

    9. Exercises / Roleplay (50% of course time)
    10. Written examination

WHAT IS THE COURSE METHODOLOGY?

Evaluation:

Participants will be assessed throughout the course for punctuality, presentation skills, interactive approach, involvement, role-play, daily tests etc. and finally through a written examination at the end of the course. The examination is ‘closed book’ and the only reference material allowed in the examination is a copy of the standard ISO 27001:2013.
• The passing criterion: 70%.

CQI-IRCA Registered Certificate:

• TÜV SÜD South Asia, as an Approved Training Partner of CQI IRCA, fulfills all compliance requirements of the course PR 320: ISMS ISO 27001:2013 Lead Auditor, holding training course reference No. 17829
• Participants who score 70% and above in both the continuous assessment and written examination will be issued a CQI (Chartered Quality Institute) & IRCA (International Register of Certificated Auditors) registered certificate of successful completion of the course.
• Unsuccessful candidates will be issued a certificate of attendance from TÜV SÜD South Asia.

WHO SHOULD TAKE THE COURSE?

This course is specially designed for:

• Information Security Practitioners, Head - IT
• Chief Information Security Officer
• Information Security Management System Consultants
• Information Security Management System Management Representative
• Information Security Managers and core group members responsible for establishing, implementing, maintaining, auditing and improving Information Security Management Systems
• Professionals who have a role to play in the implementation of Information Security Management System

  • Prerequisites

    Participants interested in attending this course must have prior knowledge of management systems and of the principles and concepts of information security management.

    Participants are expected to have the following prior knowledge:

    1. Management systems
      Understand the Plan-Do-Check-Act (PDCA) cycle
    2. Information security management
      Knowledge of the following information security management principles and concepts:
      • awareness of the need for information security;
      • the assignment of responsibility for information security;
      • incorporating management commitment and the interests of stakeholders;
      • enhancing societal values;
      • using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk;
      • incorporating security as an essential element of information networks and systems;
      • the active prevention and detection of information security incidents;
      • ensuring a comprehensive approach to information security management;
      • continual reassessment of information security and making of modifications as appropriate.
    3. ISO/IEC 27001
      • Knowledge of the requirements of ISO/IEC 27001 (with ISO/IEC 27002) and the commonly used information security management terms and definitions, as given in ISO/IEC 27000, which may be gained by completing an IRCA certified ISMS Foundation Training course or equivalent.

      *Relevant proofs to be submitted
      This course is not intended to fill gaps in knowledge of the standard, but to enhance that knowledge in the audit context.

WHO IS THE COURSE ADVISOR?

The course content and structure are designed by the domain experts from TÜV SÜD.

With immense experience and knowledge of the relevant standards, our team of product specialists and technical experts at TÜV SÜD developed the course content based on the current business landscape and market requirements.

  • WHAT ARE THE BENEFITS OF ENROLLING IN THIS COURSE?
    • World-class training – by learning from TÜV SÜD’s industry experts and training specialists

    • Interactive learning style – using interactive formats such as lectures, illustrations and simulations

    • Networking opportunity – where you can meet and build a network with like-minded individuals at our instructor-led training

    • Gain a competitive edge – by getting trained by experts known in the fields of safety, security and sustainability

  • FAQs
    1. How do I enroll for the course?
      To enroll, click here and fill out the form accordingly.
    2. What is the course methodology?
      Participants will learn through role plays, case studies, group exercises, scenarios and discussions.
    3. Are there any tests in the middle of the course?
      There is continuous assessment and a specimen examination in the middle of the course.
    4. Can I get a refund if I cancel my enrollment?
      Yes, please contact us at [email protected] for more details. Terms and conditions apply.
    5. Can I also attend E-learning courses on top of attending the instructor-led course?
      Yes, you can register for any e-learning courses. If you have special requirements, please contact us at [email protected] and we can customise a suitable package for you.
    6. Upon completion of the course, would I get a certificate for completion?
      Yes, you will receive a Certificate of Achievement if you successfully pass the examination, or a Certificate of Attendance if you fail the examination.
    7. Who developed the course and what are their qualifications?
      The course content and structure are designed by the domain experts from TÜV SÜD.

      With immense experience and knowledge of the relevant standards, our team of product specialists and technical experts at TÜV SÜD developed the course content based on the current business landscape and market requirements.

    To contact someone from TÜV SÜD, you may email us at [email protected].

    To know more about TÜV SÜD, please click here.
