BSI's "ISO/IEC 27001:2005 - Information Security Management System Lead Auditor" teaches students the fundamentals of auditing information security management systems to ISO/IEC 27001:2005 (BS 7799-2:2002). This five-day intensive course trains students on how to conduct audits for certification bodies and facilitate the ISO/IEC 27001:2005 registration process. The auditing exercises and lectures are based on ISO 19011:2002, "Guidelines for Quality and/or Environmental Management Systems Auditing." The course is designed specifically for those people who wish to conduct external assessments or internal audits to ISO/IEC 27001:2005, although students will also gain the knowledge and understanding necessary to give practical help and information to other individuals and organizations working toward conformance to the standard.
IRCA Certified Course (A17287)
This course is certified by the International Register of Certificated Auditors (IRCA) and meets training requirements for those seeking registration as a lead auditor under their ISMS scheme.
Learning Objectives
- Review the Requirements of ISO/IEC 27001:2005
- Understand the Relationship between ISO/IEC 27001:2005 and ISO/IEC 27002:2005
- Learn How to Assess Security Threats and Vulnerabilities
- Understand Security Controls and Countermeasures
- Understand the Roles and Responsibilities of the Auditor
- Learn How to Plan, Execute, Report, and Follow-up on an ISMS Audit
Students should note that the course requires evening work and that there is a 2-hour exam on Day 5 at 9:30 am.
Course Materials Provided
Students receive comprehensive course manuals with reference materials.
Who Should Attend
- IT Security Officers
- IT Managers
- Auditors interested in ISO/IEC 27001:2005 or ISO/IEC 27002:2005
- Information Security Consultants
Prerequisite
A prior review of ISO/IEC 27002:2005 and ISO/IEC 27001:2005 and knowledge of information security practices are required.