For successful completion of the course, we recommend the following prior knowledge:
a) Management systems - Understand the Plan-Do-Check-Act (PDCA) cycle
b) Knowledge of the following information security management principles and concepts:
Awareness of the need for information security;
The assignment of responsibility for information security;
Incorporating management commitment and the interests of stakeholders;
Enhancing societal values;
Using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk;
Incorporating security as an essential element of information networks and systems;
The active prevention and detection of information security incidents;
Ensuring a comprehensive approach to information security management;
Continual reassessment of information security and making of modifications as appropriate.
c) ISO/IEC 27001 - Knowledge of the requirements of ISO/IEC 27001 (with ISO/IEC 27002) and the commonly used information security management terms and definitions, as given in ISO/IEC 27000.
On completion, successful students will have the knowledge and skills to:
Explain the purpose and business benefits of information security management system standards, management system audits and of third-party certification.
Explain the role of an auditor to plan, conduct, report and follow up an information security management system audit and/or establish conformity (or otherwise) with ISO/IEC 27001 (with ISO/IEC 27002) in accordance with ISO 19011 (and ISO 17021 where appropriate).
DID YOU KNOW?
Participant evaluation is through continuous assessment during all five days and a written examination at the end of the course.
Successful completion of the course is one of the criteria for CQI IRCA certified Lead Auditor status.
You can now record your CQI IRCA certificate to access exclusive resources via www.quality.org