RAB QSA Certified ISO/IEC 27001:2005 Internal ISMS Auditor Training Course

Course Category: Information Security Management Systems (ISMS)  

Course Title: Internal ISMS Auditor based on ISO/IEC 27001:2005

Kelmac Group's RAB QSA International Certified Internal ISMS Auditor based on ISO/IEC 27001:2005 course teaches delegates the fundamentals of auditing information security management systems to ISO/IEC 27001.  This course teaches delegates how to conduct audits within their organization.  The auditing exercises and lectures are based on ISO 19011:2002, "Guidelines for Quality and/or Environmental Management Systems Auditing."  Experienced instructors guide delegates through internal audits that are required for a quality management system based on ISO/IEC 27001:2005.  Delegates gain necessary auditing skills through a balance of formal classroom tutorials, group workshops, and open forum discussions.

Course Structure

Applicants considering seeking entry/access or a credit/exemption on this Kelmac Group training course; or consideration for an award from RABQSA International under the Kelmac Group Recognition of Prior Learning (RPL) process are required to submit an application to Kelmac Group at the time of the online booking.  For details of RPL, download the Kelmac Group document, Introduction to Recognition of Prior Learning (RPL) which outlines the value and process steps for making an RPL application.  Click here to download the RPL Application form.

This course is a 32 hour/4 day course.

There is a 16 hour pre course assignment that must be completed by all delegates in advance of attending. Completed assignments are to be handed to the tutor on day 1 of the training course.

Course Start: 08:45 & Course Finish: 17:30

Evening study may be required as part of this course. It is recommended that all delegates attending treat the course as residential.

A detailed course breakdown is as follows:

Day 1

• OECD Principles 
• Purpose of an ISMS 
• Evolution of an ISMS
• Purpose, content and interrelationship between ISO/IEC 27001:2005; ISO/IEC 27002; ISO/IEC 18044; ISO/IEC 27006 and the legislation framework of an ISMS
• ISO/IEC 27001:2005 Requirements

Day 2

• Information Security Legislation
• Analysing and Evaluating Security Risks
• Risk Assessment Methods
• Treating Security Risks
• Formulating a Risk Treatment Plan (RTP)
• Investigating Security Incidents

Day 3

• Introduction to ISO 19011:2002
• Audit Roles & Responsibilities
• Document Review
• Audit Plan/Scope
• Checklists

Day 4

• Opening Meeting 
• Collecting and Verifying Evidence
• Auditing Top Management
• Audit Reporting 
• Summary Audit Report 
• Closing/Exit Meeting 
• Audit Follow Up/Close

Course Assessment

The delegate is assessed based on participation and performance throughout the duration of the course. This includes all exercises, role plays, case studies and all other activities during the course. Please note, full attendance is required during the training course.

Delegates are expected to achieve a minimum level of competency for each element of competency/competency unit to satisfy the competency standards required by RABQSA International and IRCA.

Training Methodology

Accelerated learning is the most advanced teaching and learning method available today. Itʼs a total system of enhancing and speeding up both the design and learning process. What makes accelerated learning so effective is that itʼs based on the way we naturally learn. It does this by actively involving the whole person, using physical activity, creativity, collaboration among learners, variety that appeals to all learning styles, contextual learning with real-world immersion, the creation of a positive physical, emotional, and social environment and other methods designed to get people deeply involved in their own learning.

What's Included on the course

• Pre Course Assignment & Online Support
• Comprehensive Course Manual
• Competency & Training Assessment
• Delivery by Expert Tutor (s) with real life experience 
• Additional Handouts
• Digital Training Certificate (Successful Completion or Attendance)