Learn the requirements of ISO 27001:2013 and how to relate the requirements to your business management system. Understand how process-based management systems conforming to ISO 27001 ensure that Information Security (InfoSec) requirements are accurately determined and consistently fulfilled.
Learn the difference between:
- Non-value adding “ISO” systems based on the standard; AND
- Value adding business management systems conforming to ISO 27001.
Gain the tools necessary to conduct and lead process and system audits to determine conformity to ISO 27001.
Attendees successfully completing the TPECS examinations provided in conjunction with this course receive a Certificate of Attainment for these Exemplar Global (formerly RABQSA International) knowledge competency units:
- IS – Information Security Management Systems
- AU – Management Systems Auditing
- TL – Leading Management Systems Audit Teams
The Certificate of Attainment provides evidence of knowledge competency defined by Exemplar Global in the competency units required for certification as an Information Security Management Systems Lead Auditor using ISO 27001.
Who should attend?
- Information Security (InfoSec) professionals
- VP/Directors of IT and IS
- ISO Managers/Management Reps
- Individuals who want to become Exemplar Global (RABQSA) certified information security management system (ISMS) lead auditors using ISO 27001
- Process owners
- Systems professionals or people who want to understand how information security management systems work
- Improvement Specialists
- IT professionals
- Top managers who want to reap the benefit of conforming to ISO 27001 requirements
You will learn how to:
- Plan and execute ISMS development or transition projects ensuring conformity to ISO 27001
- Identify and implement the controls necessary for ensuring the ISMS effectively meets information security requirements
- Relate fiduciary concerns to the performance of the ISMS using ISO 27001
- Develop reliable and pliable systems, particularly effective for organizations where process objectives are constantly changing
- Determine and communicate the resources necessary for the system to work as planned
- Communicate the roles and responsibilities within the ISMS to the organization
- Conduct and lead 1st-, 2nd- and 3rd-party audits, particularly on undocumented systems, and audit for process effectiveness against measurable objectives, including ISO 27001
- Relate the InfoSec capabilities of the organization to the expectations of customers, top management and shareholders
- Use the ISMS to work proactively and not reactively
- Explain to customers how the organization plans to fulfill its InfoSec promises and show evidence that it has done so in the past
Because of our independence, you can bring your particular process and system concerns to class, and the instructor will work to answer your questions as well as possible.
Call us at 888.357.9001 or email info@QMII.com