ISMS ISO 27001:2022 Lead Auditor – PR373 (Course ID: 2626)

The training course is implemented by TÜV AUSTRIA Hellas, as a CQI and IRCA Approved Training Partner, ID:6053715

Description

This course aims to provide learners with the knowledge and skills required to perform first, second and third-party audits of information security management systems against ISO/IEC 27001 (with ISO/IEC 27002), in accordance with ISO 19011 and ISO/IEC 17021, as applicable.

Who is it for?

This course is for those intending to acquire the competence to audit an organisation’s entire ISMS to meet the requirements of ISO/IEC 27001, either as a third or second-party auditor.

Learning outcomes

1. Explain the purpose and business benefits of an information security management system, of information security management systems standards, of management system audit and of third-party certification.
2. Explain the role of an auditor to plan, conduct, report and follow up an information security management system audit in accordance with ISO 19011 (and ISO/IEC 17021 where appropriate).
3. Plan, conduct, report and follow up an audit of an information security management system to establish conformity (or otherwise) with ISO/IEC 27001 (with ISO/IEC 27002) in accordance with ISO 19011 (and ISO/IEC 17021 where appropriate).

Recommended Prior Knowledge:

• Management systems

Understand the Plan-Do-Check-Act (PDCA) cycle

• Information security management

Knowledge of the following information security management principles and concepts:

• awareness of the need for information security;
• assignment of responsibility for information security;
• incorporating management commitment and the interests of stakeholders;
• enhancing societal values;
• risk assessments determining appropriate controls to reach acceptable levels of risk;
• security incorporated as an essential element of information networks and systems;
• active prevention and detection of information security incidents;
• ensuring a comprehensive approach to information security management;
• continual reassessment of information security and making of modifications as appropriate.

A very good knowledge of the standard and familiarity with its requirements is required.

Exams

Examinations are conducted online through the CQI-IRCA examination platform within 30 days from the last day of the training course. Upon successful completion of the examinations, an IRCA-CQI Auditor/Lead Auditor Certificate is awarded. The exam questions may relate to prior knowledge that is not covered in this course. It is strongly recommended that learners who lack the required prior knowledge acquire it before booking a place on the course. In case of failure in the final exams, a Certificate of Attendance is issued, and the opportunity for a re-examination is provided within one year.

CANCELLATION POLICY:  All training programs are conducted only when the required number of participants is reached. TÜV AUSTRIA ACADEMY reserves the right to postpone, change the instructors and the location of the program, as well as to cancel its training programs. Confirmation or cancellation of the program will be made:

• One (1) week before the program start date (for in-person attendance) and
• Two (2) days before the program start date (for online attendance via the digital platform).

By submitting the participation fee, the Participation Declaration becomes binding. Cancellation of participation can only be made in writing, no later than:

• Five (5) days before the scheduled start date of the program (for in-person attendance) and
• Three (3) days before the scheduled start date of the program (for online attendance via the digital platform).

In case of failure to notify TÜV AUSTRIA ACADEMY of a cancellation in time, 40% of the participation fee will be retained. *The training programs of TÜV AUSTRIA ACADEMY are exempt from VAT, according to Law No. 2859/2000, Article 22 § 1.

With every registration, you contribute to covering part of the heating costs of “The Smile of the Child”.

Due to site upgrading, it is temporarily not possible to complete the process. To register your participation in the training programme, please send your request to training@tuv.at