Auditing is crucial to the success of any management system. As a result, it carries with it heavy responsibilities, tough challenges and complex problems. This five day intensive course prepares delegates for the qualification process for ISO 27001:2005 and trains them on how to plan, manage and implement the audit programme. It also empowers them to give practical help and information to those who are working towards compliance and certification.

IRCA Certified course (A17287)

This course is registered by the governing board of the IQA - International Register of Certified Auditors (IRCA) and meets the training requirements of those seeking registration as a lead auditor under that scheme.

Course structure

A combination of tutorials, syndicate exercises and role-play, including the following topics:

• Information Security
• The importance of Information Security
• ISO 27001:2005
• Reviewing security threats and vulnerabilities
• Management of security risks
• Selecting security controls
• How to build an Information Security management System (ISMS)
• Managing and leading an ISO 27001:2005 audit team
• Interview techniques
• Audit reporting
• Examination to prove competency

Further information

A prior review of ISO/IEC 17799:2000 and ISO/IEC 27001:2005 and knowledge of information security practices is required and evening work may be assigned.