Additional Course Information
- This course represents a one-step approach to achieving information security auditor credentials with Exemplar Global. Day one is a detailed examination of the ISO 27001 requirements and explains what one needs to do to achieve certification. Day two is focused on Annex A Controls. We review all 114 that will need to be in your Statement of Applicability (SoA). We also teach how to implement them. Day 3 is focused on fundamental auditor skills, with ISO 19011: 2019 as a guide. Day 4 is focused on Leading Audits.
- Day 1: Understanding ISO 27001: 2022 Requirements (Learning Objectives):
  • Understand the Management System Reg Process
  • Be able to interpret the ISO 27001 Requirements - each clause
  • Understand examples of satisfactory evidence for ISO 27001
  • To be able to demonstrate understanding of process approach
  • Understand the documentation required in ISO 27001
  • Understand the interrelationships between ISO 27001 & other docs
  • Be able to use the terms in ISO 27000 & ISO 27001 correctly
  • Be able to evaluate the effectiveness of the ISMS, including metrics
  • Understand the relationship between legal compliance & conformity
  • Understand the relationship of IS requirements derived from ISO 27001
  • Understand the process of addressing improvements in the ISMS

  Day 2: Understanding ISO 27001: 2022 Annex A Controls (Learning Objectives):
  • Understand/analyze Controls in Annex A
  • Assess the effectiveness of Risk Assessment methodologies
  • Understand artifacts for all 114 Controls in Annex A
  • Understand the Statement of Applicability
  • Be familiar with ISO 27006: 2015 (Specifically Annex D: Guidance for review of Annex A controls)
  • Be capable of applying this knowledge to scenarios
  • To understand the categories of findings
  • To understand how the Controls are implemented
  • To assess the organization’s Risk Assessment and Risk Treatment processes
  • To analyze how IS objectives & legal requirements fit into RA
  • To assess an organization’s monitoring, measurement & analysis

  Day 3: Planning & Conducting Effective Management System Audits (Learning Objectives):
  • Be capable of applying terms, definitions and concepts to MS auditing
  • Be capable of recognizing examples of Auditing Principles
  • To recognize the types of audits these principles apply to
  • To learn the roles & responsibilities of Audit Program Manager
  • To understand the Audit Lifecycle - IPERC
  • To understand the role of the Auditor through each step
  • To learn the layers of planning 1) Program 2) Audit and 3) Interview
  • Be capable of conducting a Process Audit
  • Be able to write clear NC reports and communicate findings
  • To understand differences between 1st & 3rd Party audits
  • To understand the corrective action process and role of the auditor
  • To understand your personality type to solicit optimal outcomes

  Day 4: Leading Management System Audits (Learning Objectives):
  • To learn the roles & responsibilities of Audit Team Leader
  • To be able to write an audit plan - applying the risk-based approach
  • To be able to run an Opening & Closing Meeting
  • To be able to handle difficult situations - professionally
  • To be able to discuss strategic issues with Top Management
  • To be able to demonstrate conflict management skills - including diverging opinions
  • To be able to identify and manage audit risk
  • To recognize the nuances of Joint & Combined audits
  • To be able to conduct virtual/remote audits
  • To understand required report content & who gets the report
  • To be capable of verifying effectiveness & completeness of corrective actions
  • To gain familiarity with ISO 17021-1
  • To gain familiarity with IAF documents and how to use them
  • To exhibit auditor communication skills - with a wide range of people and a range of topics
  • To ensure audit plans include objectives, scope & criteria (and are understood)
  • To ensure the process for selecting overall team competence is understood
  • To ensure work assignments to teammates are clear & documented info for audit is prepared
  • To confirm H&S considerations are planned and related risks are understood
  • To assure auditors are capable of progressing the audit and keeping on schedule
  • To assure the purpose of team briefings is understood - including the content of the briefings
  • The TL can lead the team to reach a consensus on audit findings
  • The TL objectives, purpose, and content of the Closing Meeting are understood
  • The TL understands to distribute the audit report as per the audit plan
  • The TL demonstrates the ability to develop a complete, accurate, concise and clear audit record
  • The TL ensures the audit report details audit completion and follow-up actions
  • To understand that the completion and effectiveness of corrective actions are verified
- Precision Execution is an Exemplar Global certified provider. Those who successfully demonstrate competence during this course and pass the final exam will receive a Certificate of Attainment from Exemplar Global as an ISO 27001 Lead Auditor.
- • Basic familiarity and understanding of information security principles
  • Some familiarity with management systems