By the end of this course, delegates will be able to:

• Understand the fundamentals of information security
• Know the interrelationships between ISO/IEC 27001 and the other information security standards (ISO 27002, ISO 27003, ISO 27004, and ISO 27005)
• Know the key components of an information security management system (ISMS) in accordance with ISO/IEC 27001
• Introduce the concepts, approaches, standards, methods and techniques allowing to effectively manage an ISMS
• Understand the relationship between an information security management system, including risk management, controls and compliance with the requirements of different stakeholders of the organization
• Understand the stages of the ISO/IEC 27001 certification process
• Acquire the expertise to perform an ISO 27001 internal audit following ISO 19011 guidelines
• Acquire the expertise to perform an ISO 27001 certification audit following ISO 19011 guidelines and the specifications of ISO 17021 and ISO 27006
• Acquire the necessary expertise  to manage an ISMS audit team
• Understand the operation of an ISO 27001 conformant information security management system
• Understand the relationship between an information security management system, including risk management, controls and compliance with the requirements of different stakeholders of the organization
• Improve the ability to analyze the internal and external environment of an organization, its risk assessment and audit decision-making 

Managers, Team Leaders, Line Managers, Superintendents, OE Champions, Quality and Project Managers, Supervisors, Executives, Internal and External Auditors, Members of IT Team, Health & Safety Managers, Risk Managers, Business Process Owners, Business Finance Managers, Business Risk Managers, Regulatory Compliance Managers, Project Managers, Continuity, Risk, Quality, IT and Environmental Managers, Anyone involved in the system development, implementation and maintenance, Regulatory Affairs Managers, Consultants, Anyone who is involved in ISO standards

This interactive Training will be highly interactive, with opportunities to advance your opinions and ideas and will include;

• Lectures
• Workshop & Work Presentation
• Case Studies and Practical Exercise
• Videos and General Discussions

• Introduction to information security management system (ISMS) concepts as required by ISO/IEC 27001
• Normative, regulatory and legal framework related to information security
• Fundamental principles of information security
• ISO/IEC 27001 certification process
• Information security management system (ISMS)
• Detailed presentation of the clauses 4 to 8 of ISO/IEC 27001
• Planning and initiating an ISO/IEC 27001 audit
• Fundamental audit concepts and principles
• Audit approach based on evidence and on risk
• Preparation of an ISO/IEC 27001 certification audit
• ISMS documentation audit
• Conducting an opening meeting
• Conducting an ISO/IEC 27001 audit
• Communication during the audit
• Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation
• Audit test plans
• Formulation of audit findings
• Documenting nonconformities
• Concluding and ensuring the follow-up of an ISO/IEC 27001 audit
• Audit documentation
• Quality review
• Conducting a closing meeting and conclusion of an ISO/IEC 27001 audit
• Evaluation of corrective action plans
• ISO/IEC 27001 surveillance audit
• Internal audit management program

BTS attendance certificate will be issued to all attendees completing minimum of 80% of the total course duration.