Auditing an ISMS ISO/IEC 27001:2013

SAI Global Assurance Learning is a certified training provider for the following Exemplar Global competency unit(s):

  • Exemplar Global – IS – Information Security Management System
  • Learn how to audit an information security management program that complies with ISO 27001:2013.
  • Enhance your career by gaining a professional qualification with Exemplar Global recognition as an Information Security Management Systems auditor.
  • Successful auditing will improve the protection of any organisation’s private data to meet market assurance and corporate governance needs.

This two-day advanced course develops the skills needed to perform effective internal and external audits against the ISO/IEC 27001:2013 Information Security Management Systems standard. Participants will learn how to use an audit program to monitor and improve their organization’s Information Security Management System.

This course forms part of the four-day Lead Auditor in Information Security systems course and provides a technical understanding of ISO/IEC 27001:2013.

Our ISO 27001:2013 courses must still teach to the current requirements of that standard and the controls that it refers to in Annex A until such time as it is republished as ISO 27001:2022 (expected mid 2022).
In the interim, ISO 27002:2022 was released in February 2022, which indicates how Annex A of ISO 27001:2022 is likely to be updated. During this interim period, a mapping document will be provided that gives an overview of ISO 27002:2022 and shows the mapping and changes in terms of controls.
All audits for ISO 27001:2013 will continue to be carried out against its current requirements until it is officially updated.

This course covers the following topics:

  1. Overview of an ISMS
  2. Understanding ISO/IEC 27001:2013, ISO/IEC 27002:2013 and ISO/IEC 27005
  3. The intent of ISO/IEC 27001
  4. How auditors should seek and capture objective evidence

You should have knowledge of how management systems work and the key Plan-Do-Check-Act (PDCA) cycle. You should also have knowledge of the requirements of ISO/IEC 27001:2013. If you do not, we recommend attending our one-day ISO/IEC 27001:2013 Foundation course.

On successful completion of this course, participants will be able to:

  1. Discuss how ISO/IEC 27001:2013 relates to the business management system
  2. Understand the application of an ISMS in the context of ISO/IEC 27001:2013
  3. Understand the relationship of an ISMS with the critical information of an organisation
  4. Review the ISMS documentation including the risk assessment and Statement of Applicability
  5. Assess an ISMS for its compliance with the security objectives of an organisation and ISO/IEC 27001:2013

Upon successful completion of all formal assessments, participants will receive:

Certificate of Attainment

  • Exemplar Global – IS – Information Security Management System

What accreditation or recognition does this course have?

This course is accredited and leads to the units of competency as outlined in the Achievement section.

Does this course have any assessment requirements?

As an accredited course, this course contains assessment requirements. The course contains a series of in-class assessment activities designed to reinforce the key skills and knowledge outcomes, and knowledge checks at the end of each day.

How do I apply for Exemplar Global recognition?

Once you have completed all the assessment requirements of this course for Exemplar Global, you can apply to Exemplar Global as a “provisional auditor”. For more information, visit: http://exemplarglobal.org/certification/what-we-offer/certify-me/

How do I access my certificate?

Your Statement of Attendance will be sent to you on completion of the course. Your Exemplar Global Certificate of Attainment will be emailed to you as a PDF on successful completion of all course assessment requirements. This will take up to 28 days once attainment of the relevant units of competency is confirmed by the assessor.

Who is the trainer for my course?

All of our trainers and assessors have extensive and current industry experience and qualifications and meet the national requirements for VET trainers and Exemplar Global.

What other courses are relevant to this course?

Other courses that may be of interest include: Foundation and Implementing an Information Security Management System or Lead Auditor Information Security Management Systems. If you are looking to increase your portfolio of management systems, you may be interested in our other auditing management systems courses (ISO 9001, ISO 14001, ISO 45001).

What if I require assistance in completing this course (for example, literacy, numeracy, physical, vision or hearing support)?

We are able to modify some course requirements – please contact customer support to discuss any concerns or support requirements you may have.

Who do I contact in case of any query regarding any of the courses?

For any course-related queries, please email customer support at training.americas@saiglobal.com or phone 1-800-374-3818.

This course is ideal for those who will be either taking part in or leading audits of an ISMS that conforms to ISO/IEC 27001:2013 in any organisation.

Suggested job roles and their teams include (but are not limited to):

  1. Information security managers
  2. IT and Corporate security managers
  3. Corporate governance managers
  4. Risk and compliance managers
  5. Information security consultants
