BSI’s “ISO 27001:2005 (BS 7799) – Information Security Management System Lead Auditor” teaches students the fundamentals of auditing information security management systems to ISO 27001:2005 (BS 7799-2:2002). This five-day intensive course trains students on how to conduct audits for certification bodies and facilitate the ISO 27001:2005 registration process. The auditing exercises and lectures are based on ISO 19011:2002, “Guidelines for Quality and/or Environmental Management Systems Auditing.” The course is designed specifically for those people who wish to conduct external assessments or internal audits to ISO 27001:2005, although students will also gain the knowledge and understanding necessary to give practical help and information to other individuals and organizations working toward conformance to the standard.
Learning Objectives
- Review the Requirements of ISO 27001:2005
- Understand the Relationship between ISO 27001:2005 and ISO/IEC 17799:2005
- Learn How to Assess Security Threats and Vulnerabilities
- Understand Security Controls and Countermeasures
- Understand the Roles and Responsibilities of the Auditor
- Learn How to Plan, Execute, Report, and Follow-up on an Information Security Management System Audit
Who Should Attend
- IT Security Officers
- IT Managers
- Auditors interested in 27001:2005 or ISO/IEC 17799:2005
- Information Security Consultants
Prerequisite
A prior review of ISO/IEC 17799:2000 and ISO 27001:2005 and knowledge of information security practices is required.
Next steps
For more information, please contact us or complete our training enquiry form.
