SAI Global Assurance Learning is an Exemplar Global certified TPECS provider.
This course meets the knowledge examination requirements of the Information Security Management System (IS) certification scheme.
By completing this Lead Auditor in Information Security Management Systems course you will gain the knowledge and skills to manage and lead an audit an information security management program that complies with ISO 27001:2013.
On successful completion of the assessment activities, will put you on the pathway towards the Nationally Recognized qualification BSB50920 Diploma in Quality Auditing.
Enhance your career through attaining Exemplar Global recognition as a Lead Auditor in Information Security Management Systems.
If you wish to become a registered third-party, or external Quality auditor with Exemplar Global, completing this course is the first step. Once you have obtained the Exemplar Global competencies from this course, you can follow either a qualification-based or competency based certification path.
- Receive concentrated and comprehensive training in the theory and practice of auditing Information Security Management Systems (ISMS) based on ISO/IEC 27001:2022.
- Gain a practical understanding of the responsibilities of an information security auditor, and the techniques and methodologies required to effectively audit an ISMS.
This 4 day course covers the following topics:
- Specific requirements outlined in ISO/IEC 27001:2022
- Information technology, security techniques and security management systems
- Auditing an ISMS that protects information assets such as financial data, customer records and proprietary corporate information
- Exploring the practice and perfecting the necessary competencies to undertake efficient and effective audits of ISMS through in-class activities, case studies and open discussions
On successful completion of this course, participants will obtain the knowledge and skills to:
- Review auditee documentation
- Develop audit schedules
- Identify, gather, analyze and evaluate information
- Conduct an entry and exit meeting
- Assess the scope and objectives of an audit
- Communicate with an auditee regarding the proposed audit
- Identify the resources required to conduct an ISMS audit
- Prepare and manage audit team resources
- Prepare audit related documentation
- Develop and submit an audit plan
- Guide team members in continuously improving their performance
- Compile audit results and report findings
- Negotiate the follow up process with an auditee
- Monitor and review an audit system and its activities
There are no formal entry requirements under the Australian Qualifications Framework to attain the nationally recognized units of competencies.
However to gain the most from this course, you should have knowledge of Information Security Management principles, concepts and specifically the requirements of ISO/IEC 27001:2022 and knowledge of the key Plan-Do-Check-Act (PDCA) cycle within management systems.
If you need to understand the requirements of the ISO 27001 standard in more detail we recommend that you first attend the ISO 27001:2022 Foundation course
Previous experience in auditing prior to attending this course is recommended.
This would include roles such as internal auditor, some training in the internal audit process, or having completed a recognized auditor training program (as defined by ISO 19011:2018)
What accreditation or recognition does this course have?
This course is accredited and leads to the units of competency as outlined in the Achievement section.
What is the duration to complete the course?
The course duration is 6 months and will vary as the time taken to complete assessment varies for each client based on their experience and current skills and knowledge. The course is a combination of pre course work, face-to-face classroom sessions, self-paced learning and work-based assessment projects
The face-to-face classroom sessions are a workshop format that includes the opportunity for discussion and individual activities. Throughout this four (4) day workshop the facilitator will present concepts and examples, supported by workshop activities to illustrate how these concepts can be applied within an organization.
Self-paced learning allows students to practice the knowledge gained during the workshops in their workplace. The amount of time required to complete self-paced learning activities will vary depending on the existing knowledge and skills of each student.
The post course assessment is completed in the workplace to assess the application of the competencies in a workplace situation. This is completed after the student has finished the self-paced learning activities and is required to be submitted within 6 months of attending the course.
Does this course have any assessment requirements?
Yes, this course has in class assessment activities that need to be completed and a post course workplace assessment that needs to be completed and submitted for assessment. It will take approximately 288 hours to complete the post course assessment and will vary for participants based on their knowledge and skills
How do I access my certificate?
Your Statement of Attainment and Exemplar Global Certificate of Attainment you will be emailed this as a pdf on successful completion of all course assessment requirements. This will take up to 28 days once attainment of the relevant units of competency is confirmed by the assessor.
How do I apply for Exemplar Global recognition?
If you wish to become a registered third-party, or external Quality auditor with Exemplar Global, completing this course is the first step. Once you have obtained the Exemplar Global competencies from this course, you can follow either a qualification-based or competency based certification path. For more information visit; http://exemplarglobal.org/certification/what-we-offer/certify-me/
What other courses are relevant to this course?
If you have completed the SAI Global 4 day Lead Auditing an Information Security Management System course you will be able to attend any of our other 2 day management systems auditing courses to broaden your auditing skill set; for example, Auditing a Quality Management System and Auditing a Work Health and Safety Management System. You may also be interested in the course; Implementing an Information Security Management System.
Who is the trainer for my course?
All of our trainers and assessors have extensive and current industry experience and qualifications and meet the national requirements for VET trainers, Exemplar Global or any other relevant accreditation body required for delivery of this course.
Who do I contact in case of any query regarding any of the courses?
For any course-related queries, please email customer support at firstname.lastname@example.org or phone 1-800-374-3818.
This course is intended for those who will be involved in leading audits of an ISMS that conforms to ISO/IEC 27001:2022, or who will become, involved in internal information security audits, second party (i.e. vendor) audits and/or third party audits.
Suggested job roles and their teams include
- Information security managers
- IT and Corporate security managers
- Corporate governance managers
- Risk and compliance managers
- Information security consultants
SAI Global is an Exemplar Global certified TPECS provider. This course meets the knowledge examination requirements of the Quality Management System (QMS) certification scheme. Attendees who successfully demonstrate competence during this course will receive a Certificate of Attainment for the following knowledge competency units:
- Exemplar Global – AU – Management systems auditing
- Exemplar Global – TL – Leading management systems audit teams
- Exemplar Global – IS – Information Security Management System