Auditor of the information security management system (ISO 27001, ISO 19011, ISO 17021, Rules of SIC)

This course covers the fundamental principles and requirements of ISO 27001, as well as the standards ISO 27006, ISO 19011:2018, and ISO 17021:2015. Special attention is given to the requirements of ISO 17021, which establishes principles and requirements for the competence, consistency, and impartiality of bodies providing audit and certification services for management systems. The SIC system rules help businesses overcome technical barriers in international trade and ensure equal access to global markets.

To enhance material comprehension, all course slides are narrated. Real case studies are provided to help apply theory in practice. The training material is structured into modules, making the learning process even more effective.

Certification:
Upon successful completion of the course, participants will receive a certificate confirming their qualification as external auditors of ISMS in accordance with ISO 27001 standards.

This course is an important step for those who aspire to become highly qualified external auditors and make a significant contribution to sustainable development.

Duration

30 hours

Language

English/Ukrainian

Format

100% online

Objectives

  • Understand the principles of the ISMS implementation according to the requirements of ISO/IEC 27001:2022
  • Get a complete understanding of the concepts, approaches, methods and techniques necessary for effective management of the ISMS
  • Gain knowledge in identifying risks and opportunities associated with the ISMS
  • Understand the relationship between the ISMS and compliance with the requirements of various stakeholders of an organization
  • Improve the ability to analyze the internal and external environment of an organization and make decisions in the context of the information security management system
  • Determine which of the 93 information security controls are applicable to your organization
  • Familiarize yourself with all the stages of preparing and conducting an external audit
  • Gain the necessary knowledge to manage an ISMS audit team

Target audience

  • External auditors
  • Project managers and consultants who wish to master the process of auditing an information security management system
  • Heads and specialists of departments responsible for information security
  • Members of the ISMS implementation team at the enterprise
  • Professionals who wish to gain in-depth knowledge of the ISMS
  • Specialists involved in the day-to-day support of the ISMS processes
  • Students of specialized faculties

Document on completion

ISMS external auditor certificate, listed in the SIC international register

Thematic plan

Module 1 Information security management systems (ISO/IEC 27001)

Module 2 External audit (ISO 19011)

The program is designed for 30 hours, including time for studying theoretical material and taking tests.

Objectives

Module 1 Information Security Management Systems (ISO 27001)

Number of hours

1 Introduction                            1,5
2 General provisions of the standard      2,5
3 Context of the organization             2
4 Leadership                              2
5 Planning                                2,5
6 Support (resources)                     2,5
7 Operation                               1
8 Performance evaluation                  3
9 Improvement                             1
10 Information security controls          5
Testing                                   1

Module 2 External audit (ISO 19011)

Number of hours

2.1 Introduction                          1
2.2 General provisions of the standard    1,5
2.3 Audit program management (AP)         5
2.4 Carrying out an audit                 5
2.5 Competence of auditors                2
Testing                                   1