The Information Security Management System (ISMS) standard has been revised to the new version, ISO 27001:2013. The new standard has come into existence and requires all certified organizations to upgrade their systems at the earliest. It addresses requirements that are in line with integration with other standards. It also gives more clarity on customer satisfaction, outsourced processes, product scope, corrective action, etc. These and the other requirements of the new standard are discussed in this two-day course. A must for all the MRs of QMS to understand the new requirements and start the process of change in the organization.
Who should attend?
This course is recommended for anyone who is planning to perform internal audits or preparing to become an external auditor of Information Security Management Systems.
- To communicate any changes in ISMS-specific requirements arising in ISO 27001:2013.
- Auditing an information security management system
- Planning an audit
- Conducting the audit
- Auditing management system requirements
- Generating audit findings
Why this course?
In a nutshell, the internal auditor plays an essential role in reporting to senior management on how the information security management system (ISMS) is performing. In smaller organisations, the internal auditor often helps prepare for the certification or maintenance visit by the lead auditor from a Certification Body, and in this respect needs to have a good knowledge of the requirements and processes involved in the certification audit. The most important role of the internal auditor, however, is to continually monitor the effectiveness of the ISMS and help senior managers determine if the information security objectives are aligned with the organisation’s business objectives.