To provide guidance and practical experience in planning, executing, and reporting Information Security Management System Audits.

Information security is now recognized as an important business process which if not managed correctly and efficiently may impact upon an organizations ability to deliver its products and services to their customers. Just as important lack of security has the potential to impact upon revenues. The highly specialised skills and practical knowledge needed to assess an organisations capability in managing all aspects of information security is one that can be learnt.

This innovative two-day course provides a solid foundation in all aspects of the audit process. Stage by stage delegates are taken through a structured programme that includes a balance of theory and practice using a combination of workshops and practical exercises enabling delegates to gain an understanding of the key activities for auditing.

Benefits to your business

• To have competent auditors within the organization
• To ensure compliance to an international standard for Information Security Management Systems
• Ensure that the organization demonstrates its ability to provide managed information security that meet customer requirements through internal audit
• Enable the organization to benchmark the Information Security Management System

Course Structure

• To show how an understanding of ISO/IEC 27001, will provide the basis for audits
• Through sessions and exercises, delegates will be able to identify the stages of audits:
  • Principles of auditing
  • Managing an audit programme
  • Audit activities
  • Initiating the audit
  • Preparing for audit
  • Conducting audit
  • Finalizing the audit
  • Audit follow-up