Internal ISMS Auditor Training Course - IISMSA

OBJECTIVES
Aims
The purpose of this course is to equip delegates with the knowledge and skills needed to perform internal audits on information security management systems and to contribute to the continual improvement of the management system. Delegates are expected to have knowledge of information security management systems and ISO 27001:2005 before attending this course. This background knowledge is provided on the Information Security Management Systems Foundation Training Course.

By the end of this course, delegates will be able to:

1. describe with reference to the Plan-Do-Check-Act (PDCA) cycle, the purpose, structure and requirements of ISO 27001:2005 from the point of view of an internal auditor;
2. describe the responsibilities of an internal ISMS auditor and describe the role of internal audit in the maintenance and improvement of management systems;
3. plan, conduct and report an internal audit of part of an information security management in accordance with ISO 19011.

Delegates will need to demonstrate acceptable understanding and performance in the three IRCA course learning objectives above in order to complete the course successfully.

Profile:
This course comprises presentations, workshops and role-play exercises. Participants are not expected to possess knowledge of auditing, quality management system or ISO 27001 before attending the course. Successful completion of this course and the ISO 27001 foundation course fulfils part of the training requirements for certification and an internal ISMS auditor with the IRCA.

This course is certificated by the IRCA (Course No. A 17282).