Welcome to HSEQ Professionals

+966-12-6776336

info@hseqprofessionals.net

ISO 27001 Information Security Management System

CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor (ISMS) Training Course

CQI and IRCA Reg. Course No.: 2584
License No.: 01180136

Overview

  • Designed to equip learners with knowledge and skills to perform first-, second-, and third-party audits of Information Security Management Systems (ISMS) against ISO/IEC 27001 (with ISO/IEC 27002), in compliance with ISO 19011 and ISO/IEC 17021.
  • Intended for participants who already understand ISMS principles and ISO/IEC 27001 requirements; aims to refresh and expand on that prior knowledge.
  • Participants must conduct ISMS audits and identify audit evidence to determine conformity or non-conformity.
  • Examination may cover any requirement of ISO/IEC 27001 within the context of expected prior knowledge.

Summary of Course Features

  • Approved by CQI and IRCA (UK)
  • Utilizes an Accelerated Learning Approach with engaging workshops and case studies
  • Workshop-based training backed by comprehensive course notes and practical examples
  • Emphasizes risk-based thinking, PDCA, and the process approach
  • Focuses on high-risk processes and their outputs
  • Examination-based format with IRCA Certificate of Successful Completion and Attendance awarded upon success

Learning Objectives

Knowledge

  • Explain the purpose and business benefits of ISMS, related standards, management system audits, and third-party certification
  • Understand the auditor’s role in planning, conducting, reporting, and following up an ISMS audit per ISO 19011

Skills

  • Plan, conduct, report, and follow up on ISMS audits to assess conformity (or non-conformity) with ISO/IEC 27001 (with ISO/IEC 27002), following ISO 19011 guidelines

Who Should Attend

  • Management representatives, internal auditors, and second- and third-party auditors responsible for delivering value-added ISMS audits to support continual improvement

Course Content

Knowledge

  • Purpose of ISMS and improvements in effectiveness
  • Requirements of ISO/IEC 27001, the PDCA cycle, and overall ISMS structure
  • Differences between first-, second-, and third-party certification audits, including the auditor’s role in assessing confidentiality, integrity, and availability of information
  • Benefits of third-party accreditation for organizations and stakeholders
  • Auditor’s role in planning, conducting, reporting, and following up ISMS audits per ISO 19011 and ISO/IEC 17021 (as appropriate)

Skills (Practiced Through Audits—Simulated or Real)

  • Planning the audit
  • Conducting the audit
  • Auditing ISMS requirements
  • Generating audit findings
  • Reporting the audit
  • Following up on the audit

Prerequisites

Management System Fundamentals

  • Understanding of the Plan–Do–Check–Act (PDCA) cycle
  • Knowledge of core management system elements and their interrelationships (top management responsibility, policy, objectives, planning, implementation, measurement, review, continual improvement)

Information Security Management System (ISMS)

  • Familiarity with fundamental ISMS concepts and the seven security management principles per ISO 27001: customer focus, leadership, engagement of people, process approach, improvement, evidence-based decision-making, and relationship management