PR373: ISO/IEC 27001:2022 ISMS Lead Auditor Training Course (2579)

ISO/IEC 27001:2022 ISMS Lead Auditor Training Course (PR373)

Course

3 Dates available

Certificate of Completion

Virtual learning

40 Lessons

Available online

Seminar Number: PH-C03-LATC-ISMS-2022

The objective of this information security management systems training course is to equip participants with the essential knowledge and skills needed to conduct first, second, and third-party audits of information security management systems in compliance with ISO/IEC 27001 (alongside ISO/IEC 27002), adhering to the guidelines of ISO 19011 and ISO/IEC 17021, where relevant. This course ensures a thorough understanding of the current versions of ISO standards unless specified otherwise.

Participants who successfully conclude this CQI and IRCA Certified ISO/IEC 27001:2022 Lead Auditor (ISMS) Training course (within five years before applying to become a certified auditor) will meet the initial training prerequisites for certification as an IRCA ISMS auditor in the field of information security management systems training.

Benefits

Show Details

Upon completion of the program, participants will be poised to:

Grasp and interpret ISO/IEC 27001:2022 requirements: Gain a comprehensive understanding and the ability to interpret the stipulations of ISO/IEC 27001:2022 effectively.
Master auditing skills for ISO/IEC 27001:2022: Develop the requisite knowledge and proficiency to conduct and spearhead audits in accordance with ISO/IEC 27001:2022.
Assess organizational compliance: Evaluate an organization's adherence to ISO/IEC 27001:2022 and be proficient in crafting and finalizing detailed audit reports, reflecting substantial insights into compliance levels.
Enhance personal auditing compentency: Elevate personal skill sets and refine auditing competency, encompassing advanced techniques and characteristics essential for effective auditing.

Target group

Senior Leadership & Key Executives
Information Security Managers
Management Representatives
Internal Audit Team
Document and Record Custodians
Information Security Practitioners

Requirements

Entry Requirements

Educational and Professional Background: Applicants should possess a college degree and have work experience in information security management. A foundation in QMS ISO/IEC 27001, internal auditor ISO/IEC 27001, or an equivalent degree from a recognized training provider based on ISO/IEC 27001 is also required.

Prerequisite Knowledge

Management Systems: Applicants should have an understanding of the Plan-Do-Check-Act (PDCA) cycle.
Information Security Management: Prospective participants should be familiar with the following principles and concepts of information security management:
- Recognizing the importance of information security.
- Assigning responsibility for information security.
- Integrating management commitment and addressing stakeholder interests.
- Enhancing societal values through information security.
- Utilizing risk assessment results to implement appropriate controls and manage risk effectively.
- Embedding security within information networks and systems.
- Actively preventing and detecting information security incidents.
- Adopting a holistic approach to information security management.
- Continually reassessing and modifying information security measures as needed.

ISO/IEC 27001: Knowledge of the requirements of ISO/IEC 27001 (alongside ISO/IEC 27002) and familiarity with common information security management terms and definitions as outlined in ISO/IEC 27000 are essential. This knowledge can be acquired by completing the CQI and IRCA Certified ISO/IEC 27001:2022 Foundation (ISMS) Training course or its equivalent.

Preliminary Assessment

Participants are required to fill out an assessment questionnaire before attending the seminar to evaluate their readiness and understanding of the course material.

Language Proficiency

Proficiency in both written and spoken English is mandatory as the course will be conducted in English.

Training outline

Show Details

This course imparts foundational knowledge in auditing principles and standards, focusing on the requirements of ISO/IEC 27001, aligned with ISO/IEC 27002. It delves into prevalent terms and definitions in information security management as outlined in ISO/IEC 27000, coupled with guidelines for effective audits as per ISO 19011:2018 and ISO 17021.

Participants will gain insights into:

Responsibility Assignment: Understanding the allocation of responsibility for information security.
Management Commitment & Stakeholder Interests: Integrating management dedication and addressing the concerns and interests of stakeholders.
Societal Values Enhancement: Elevating values within society through informed information security practices.
Risk Assessment & Control Determination: Utilizing risk assessment outcomes to identify and implement suitable controls for maintaining risk at acceptable levels.
Security Integration: Embedding security as a fundamental component of information networks and systems.
Proactive Incident Management: Actively preventing and identifying information security incidents to maintain robust security postures.
Holistic Security Management Approach: Adopting a comprehensive strategy for managing information security effectively.
Continual Security Reassessment: Regularly reviewing and adapting information security measures to address evolving threats and vulnerabilities.
Audit Execution: Mastering the planning, preparation, and execution of audits to ensure compliance and effectiveness.
Monitoring & Follow-Up: Learning effective monitoring techniques and follow-up strategies to ensure the sustained impact of audit activities.
Auditor Communication: Developing communication skills essential for auditors, including questioning techniques, active listening, and addressing communication challenges.

This structured learning experience is designed to equip participants with the skills and knowledge necessary to navigate the complexities of information security management and auditing effectively.

Other information

For payment details and inquiries, please contact academy@phl.tuv.com. Our team will guide you through the payment process and answer any questions about schedules, content, or logistics.

ADDITIONAL INFORMATION

Training fees include materials and a certificate.
Unless stated otherwise, fees are subject to 12% VAT.
A 50% down payment is required before the first day of training. The balance is due on or before the last day.
We accept various payment methods; please reach out for instructions.
For Classroom Trainings, there will be an additional ₱ 1,000 for ancillary costs.

CANCELLATION POLICY

TÜV Rheinland Philippines reserves the right to postpone or cancel public courses due to valid reasons.
Unless cancelled by TÜV Rheinland Philippines, all fees are non-refundable once registration is confirmed.
Cancellations made five days or fewer before the training date are non-refundable; full fees will be charged.
You may nominate a substitute delegate at no extra cost. Please provide their details at least three business days beforehand.

Date selection