ISO/IEC 27001:2013 and VDA ISA TISAX Internal Auditor Training for Information Security Management Systems

Course description
Omnex is an Exemplar Global Certified TPECS provider for the Exemplar Global AU Competency Unit. This three-day course has been developed to satisfy the Exemplar Global AU Examination Profile and, as such, all attendees who successfully pass the exams during this course will achieve a Certificate of Attainment for the Exemplar Global-AU competency unit.
This course was developed to cover all requirements of the ISO/IEC 27001:2013 standard. The course includes definitions from ISO/IEC 27000:2018 (Information Security Management Systems - Overview and Vocabulary), guidance from ISO/IEC 27003:2017 (Information Security Management System Implementation and Guidance), and auditing requirements from both ISO 19011:2010 (Guidelines for Auditing Management Systems) and ISO/IEC 27007:2017 (Guidelines for Information Security Management Systems Auditing). Group exercises and case studies will be used to develop the required skills. Other topics covered include the auditing process and methodologies, e.g. planning and conducting an audit, writing nonconformity statements, preparing an audit summary and report, and verifying corrective actions following the requirements of ISO 19011 and ISO 27007. Auditing case studies will be used to develop skills for identifying nonconformities.
Who should attend?
Pre-Requisite
An understanding of the ISO/IEC 27001:2013 requirements and/or work experience in applying ISO/IEC 27001:2013 is recommended.
Who Should Attend
This seminar is primarily designed for internal auditor candidates, but can also be valuable for Information Security Assurance Managers, ISO/IEC 27001:2013 Implementation and/or Transition Team Members, Management Representatives, and all others who would like to develop competency in ISO/IEC 27001:2013 and the auditing process for first party auditing.
Training content
Day One
- Introduction and Welcome
- The ISO Standards Explained
- Introduction to ISO/IEC 27001:2013 and Key Terms from the ISO 27000:2014 - Overview and Vocabulary
- ISO/IEC 27001:2013 Requirements Including Applicable Guidance from ISO 27003:2017
- Group Exercise: Context of the Organization
- Group Exercise: Interested Parties
- Group Exercise: Audit Scenarios
- Group Exercise: IT Security Controls
Day Two
- Process Approach to Auditing, Turtle Diagrams, and Audit Trails
- Audit Guidance, Definitions, and Principles
- The Audit Program
- Audit Planning and Preparation including ISO 27007 Guidelines for Information Security Management Systems Auditing
- Breakout Exercise 1: Writing an Objective and Scope Statement
- Breakout Exercise 2: Documentation Review
- Breakout Exercise 3: Creating an Audit Plan
Day Three
- Performing the Audit
- Breakout Exercise 4: Performing an Audit
- Writing Nonconformity Statements
- Breakout Exercise 5: Writing Nonconformity Statements
- Closing Meeting
- Completing the Audit Report
- Corrective Action and Close-Out
- Management Systems Auditing Final Exam
Course delivery details
Course Duration: 3 Days - 8 Hours/day
About Omnex

Omnex, International Consulting, Training and Software Development Organization
Omnex is an international consulting, training and software development organization specializing in management system solutions that elevate the performance of client organizations. Omnex provides consulting and training services in Quality, Environmental, and Health and Safety standards-based management systems. Omnex also...