Enrol now in our upcoming Virtual classroom ISO27001:2013 Lead Auditor course 24 to 28 August 2020. Only a few seats remaining. contact desmond.muchetu@bureauveritas.com

1. LEADING THE CHANGE
CQI-IRCA Certified ISO27001:2013 ISMS Lead Auditor Course
Date: 24 August 2020– 28 August 2020
Venue: BV Virtual classroom platform
Timing: 08:30 – 17:00
Benefits of the Course
On successfully completing the course, students
Will be able to understand/interpret
 An appreciation of the importance of controlling Information Security in all types of business.
 Knowledge of Information Security management systems (ISMS) including the requirements of ISO
27001
 An appreciation of documented management systems to control Information Security
 An appreciation of risk assessment for Information Security.
 An understanding of the principal requirements for auditing IS Management systems.
 Plan an audit against a set of audit criteria
 Successfully execute an Information Security Management system audit
 Create clear, concise and relevant audit reports and Communicate the audit findings to a client
The course uses a mixture of taught sessions, interactive group discussions and exercises to achieve its
aims. The practical exercises are based upon a fictional company. However, the procedures, work
instructions and data are typical and could relate to many different enterprises equally. The practical
exercises have been carefully designed to focus upon issues that commonly arise during Information
Security audits.
What will be included in the Agenda?
 Information Security Management System overview
 Auditing Information Security Management System against requirements of
ISO/IEC 27001:2013
 Audit techniques
 Accreditation issues
 Auditor competence
 Practical Exercises and Feedback Auditor competence (ISO 19011, IRCA norms)
 Practical exercises and feedback.
 Final Examination
(1)

2. Prerequisites:
Delegates are expected to have prior knowledge of the following:
 Management systems:
 Understand the Plan-Do-Check-Act (PDCA) cycle
 Information Security Management:
 Knowledge of the following information security management principles and concepts:
 awareness of the need for information security;
 the assignment of responsibility for information security;
 incorporating management commitment and the interests of stakeholders;
 enhancing societal values;
 using the results of risk assessments to determine appropriate controls to reach acceptable levels of
risk;
 incorporating security as an essential element of information networks and systems;
 the active prevention and detection of information security incidents;
 ensuring a comprehensive approach to information security management;
Continual reassessment of information security and making of modifications as appropriate.
 ISO/IEC 27001
Knowledge of the requirements of ISO/IEC 27001
 (with ISO/IEC 27002) and the commonly used information security management terms and
definitions, as given in ISO/IEC 27000, which may be gained by completing an IRCA certified
ISMS.
How to register:
Kindly send confirmation email to desmond.muchetu@bureauveritas.com
OR
Telephone +27 71 862 2959 Desmond Muchetu
(2)