ISO/IEC 27001:2013 Lead Auditor Certification Training Course
Course Overview
Who is this course for?
Our ISO/IEC 27001 Lead Auditor training event is based on assisting and verifying the competencies/capabilities of the Learner to effectively audit a complete ISMS based on ISO/IEC 27001:2013 requirements, with specific emphasis on 2nd Party auditing [Customer/Supplier audits] and 3rd Party auditing [Certification Bodies]. During the delivery, the Learner will complete a Consultant-facilitated, complete, systematic audit of an ISMS. The facilitated audit of the ISMS will cover the full audit life cycle as defined by ISO 19011, and the Learner will have to demonstrate, and be assessed on, the effective application of audit tools and techniques, auditor skills and behaviours.
Key Course Learning Outcome
Why is this course unique?
With an additional 5 hours of learning compared to our competitors, we cover new and additional topics in more depth. We focus on auditing that provides Assurance that the Information Security Management System meets the needs of the interested parties, and our Learners are equipped to deliver higher quality insights for improved information security.
Course Basics
What is essential to know?
- This is a 5-day learning event.
- Start/Finish Times: 08:00 – 18:00 (each day).
- Prior Learning Requirements: Learners are required to be familiar with ISO/IEC 27001:2013 Requirements in advance of registering for this training. There are also additional prerequisites; see our website to review these important details.
Upcoming Dates and Locations
Where can I register?
We are sorry, but there are currently no public training dates available for this course. If you would like to send us your details, we will contact you when a course becomes available near you. If you have any questions about this course, call (312) 496 6607.
- The Business/Societal Case for ISO/IEC 27001:2013*
- Purpose and Impact of Annex SL
- ISO/IEC 27001 Process Model
- New and Revised Terminology
- ISO 27000 Family of Standards/Relevant Standards
- The Relationship between External and Internal Issues, Interested Party Requirements
- Risks and Opportunities
- Overview of Information Security Controls
Introduction to Auditing
- Audit Terminology, Principles, ISMS Audits and their Differences
- Auditor Code of Ethics
- Management of an Audit Program
- Audit Life Cycle Audit Roles and Responsibilities throughout the Audit Life Cycle*
- Desired Auditor Behaviors**
Introduction to ISMS Auditing
- Process Terminology*
- Process Models/Methodology & Categories*
- Evaluation of the effectiveness of a Process*
- Processes and the application of PDCA & Risk*
- The ISMS Certification Cycle & 3rd Party Certification**
- Special Conformity Audits**
- Initiating & Preparing for the Audit
- Audit Trails
- Purpose and benefits for establishing initial contact and forms of contact
- Case Study: Document Review
- Audit Plan
- Audit Checklist
- Audit Protocol
- Purpose, process and benefit of an Opening Meeting
- Case Study: Opening Meeting
- Lead Auditor Leadership and Supervision**
- Responsibilities of the Lead Auditor
- Communication throughout the Audit Life Cycle
- Monitoring Audit Progress
- Consensus and Resolution of Conflicts
- Lead Auditor Leadership
- Audit Reporting
- Audit Follow-Up
- Auditor/Technical Expert Coaching, Mentoring and Evaluation**
- Collecting and Verifying Information
- Introduction to Audit Findings
- Audit Findings
- Case Study: Writing Audit Findings
- Case Study: Writing the Audit Report**
Completing the Audit
- Evaluating Correction & Corrective Action including Root Cause Analysis and Audit Finding Closure
- Audit Follow-Up Strategies
- Final Audit Team Meeting
- Closing/Exit Meeting & Role Play
*Kelmac Group covers this topic in more depth compared to our competitors.
**Kelmac Group's proven added value, as this material is not covered by the IRCA specification or our competitors.
This course is fully certified by Kelmac Group.
Additional Course Information
Working with a Case Study: Almost Fully Documented ISMS Management System
Why is this important?
Each Learner will audit the almost fully documented Integrated ISMS Management System from the unique Kelmac Group® assurance perspective.
The Kelmac Group® assurance perspective is unique because we audit as many professional financial audit practices do: the focus is on providing top management with the quality of insight needed to make decisions and take actions aimed at improving the performance of the organization.
We boast the most comprehensive documented ISMS Case Study available on the market, which provides the Learner with the most realistic practical audit experience available on the market, including ISO/IEC 27001:2013 Policy Manual/Statement of Applicability [SoA]; 13 SIPOC processes [Value chain, Support and Management]; 19 procedures; and related documented templates and records.
Live Vs. Facilitated Audit
Which is better?
Some competitors offer a “live” audit as part of their training. However, a “live audit” of such short duration (>0.5 day typically) is of limited value, as the Learner does not get an opportunity to audit an almost fully documented ISMS. Kelmac Group’s course includes a “facilitated” audit, which enables us to truly verify the Learner’s core audit skills through working with an almost fully documented Information Security Management System.
Others train followers, we train leaders™