Certified Information Security Management Systems Lead Auditor

Course Overview

  • 3 Days
  • $2,500
  • 24 CPE Credits

The Certified Information Security Management Systems—Lead Auditor certification course prepares students to competently lead audits of information security management systems (“ISMS”) to ensure that they meet ISO/IEC 27001 standards in any organization. Mile2’s ISMS ISO/IEC 27001 Audit Methodology:

  1. Planning
  2. Control Evaluation
  3. Substantive Testing
  4. Completion

 

The C)ISMS-LA is perfect for those looking to perform an internal or external ISMS ISO/IEC 27001 audit or to certify their ISO/IEC 27001 expertise.

Upon Completion

Students will:

  • Have learned the ISMS audit principles, procedures and techniques.
  • Have acquired the necessary knowledge to manage an ISMS audit.
  • Be ready to perform an ISO/IEC 27001 audit.
  • Be ready to sit for the C)ISMS-LA exam.

 

Course Content

1: Intro

Housekeeping
Course Structure
Examination
Certification
Agenda
Exercise 1
Introductions
Learning objectives
Exam and Certification Objectives
Goal of ISO27001:2013
ISO27001:2013
Implementation objectives
Implementation objectives cont.
The Purpose of Audit

2: The ISO/27001:2013

Agenda
The ISMS
The ISMS
Integration
Suitable for Organizations of all Sizes
Assessment
The Evolution of ISO27001, 2
Recent Updates
ISO27002
Control Hierarchy
ISO27001
The ISMS
Constant Change and Improvement
Adoption of the ISMS
Exclusions

3: Information Security and Key Controls

Agenda
Key Terms
Information
Information Security Definition
Information Security
Context of the Organization
Leadership
Planning
Planning Continued
Planning Continued
Support
Support Continued
Support Continued
Operation
Performance evaluation
Improvement

4: Risk Management

Agenda
Definitions
Risk
Risk cont.
Risk cont.
Risk Management Principles
Information Security Risk Management Practices
Information Security Risk Assessment
Define a Risk Assessment Approach
Identify Risks
What Is the Value of an Asset?
What Is a Threat Source/Agent?
What Is a Threat?
What Is a Vulnerability?
Factors used in Risk Estimation
Output of Risk Evaluation Process

5: Risk Treatment

Agenda
Risk Treatment
Definitions
Definitions Risk Treatment Continued
Definitions Risk Treatment Continued
Definition of Controls
Examples of Types of Controls
Control Usage
Risk Treatment Options
Risk Definitions
Comparing Cost and Benefit for Control Selection
Cost of a Countermeasure
Appropriate Controls
Statement of Applicability
Information Security Risk Monitoring and Review
Monitoring Change in Risk

6: Audits and Auditors

Agenda
Audits and Auditors Topics
Audit
Audit Evidence
Audit Evidence
Definitions
Audit Criteria
Audit Types
Why Perform Different Audit Types?
Benefits of Internal ISMS Audits
Audit Roles
Lead Auditor Responsibilities
Auditor Duties
Skills and Behaviors of Effective Auditors
Auditor Competencies

7: Auditing the Information Security Management System

Agenda
ISO27001 Audit Objective
Audit Standards

8: Planning and Conducting an Audit

Agenda
Audit Process
Audit Program
Audit Schedules
Preliminary Visit
Audit Planning
Audit Planning
Stage 2 of Audit Process
Stage 2 Audit Plan
The Opening Meeting
Checklist Benefits
Checklist Drawbacks
Reporting on Non-compliance
Nonconformity Report Format
Major Nonconformity
Major Nonconformity Examples
Major Nonconformity Examples
Minor Nonconformity
Minor Nonconformity Examples
Guidelines for Writing a Nonconformity Report
Example of Writing a Nonconformity Report
Audit Conclusions
Surveillance and Follow-up Visits
Summary
The Examination

Training Options

Mile2 offers certification courses around the year and around the globe. You can attend in these ways:

Who Should Attend

The C)ISMS-LA was designed to prepare students to perform information security management systems audits according to the ISO/IEC 27001 international standard. We recommend a background in systems with an interest in performing these ISO/IEC 27001 audits before taking this class.

Exam Information

The Certified Information Security Management Systems-Lead Auditor exam is taken online through Mile2’s Assessment and Certification System (MACS), which is accessible on your mile2.com account. The exam will take 2 hours and consist of 100 multiple-choice questions. The cost is $500 USD and must be purchased from the store on Mile2.com.