   19 December 2022
   19th – 26th December 2022 (5:30 PM - 8:30 PM IST) OR 11th – 14th January 2023 (10 AM – 5 PM IST)
   Online
   25960 Rs.

 

Changed New Version of ISO/IEC 27002:2022; Information Security, Cybersecurity and Privacy Protection

ISO 27001 involves establishing and maintaining a documented system of controls through which risks can be identified, managed and reduced. Achieving ISO 27001 certification shows that a business protects information from getting into unauthorized hands, ensures that information is accurate, and ensures that it can only be modified by authorized users.

For organizations that process client data or provide business products and solutions, ISO 27001 is not only an internal control requirement but also a business requirement. Often ISO 27001 is implemented in response to a business requirement raised by the Chief Operating Officer.

 

ISO 27001:2022: what’s new?

 The following are the main changes in the ISO 27001:2022 revision:

·Slight changes in clauses 4–10

·The controls are placed into four sections instead of the previous 14.

·The number of controls has decreased from 114 to 93.

·Controls are merged, not deleted, for a total of 11 new controls.

·Moderate changes in Annex A security controls

 

Who should attend?

·Auditors who want to update their knowledge of the revised provisions of the ISO 27001:2022 version.

·Auditors seeking to perform effective Information Security Management System (ISMS) certification audits

·Managers or consultants seeking to master an Information Security Management System audit process within the organization.

·Technical experts seeking to prepare for an Information Security Management System audit

·Consultants performing information security audits.

 

Course Objective:

To gain a comprehensive understanding of what ISO 27001 is, how it differs from ISO 27002, the likely impact of the revised ISO 27001 and ISO 27002 standards, and the new ISO 27001 controls.

 

Course curriculum and duration

Section 1

·Introduction to the information security management system (ISMS) and ISO/IEC 27001 new standard; comparative analysis

·Course objectives and structure

·Fundamental concepts and principles of information security

·Information security management system (ISMS)

 

Section 2

·Audit principles, preparation, and initiation of an audit

·Audit concepts and principles and the impact of trends and technology in auditing

·Risk-based auditing based on evidence and initiation of the Stage 1 audit.

 

Section 3

·On-site audit process and controls to be examined

·Preparing for stage 2 audit and communicating to all team members for updates

·Preparation of audit test plans to test controls in Annexure A

 

Section 4

·Documenting audit findings and preparing gap or nonconformity reports.

·Audit documentation and quality review.

·Closing of the audit

·Evaluation of action plans by the auditor

·Maintaining the ISMS beyond the initial audit and managing an internal audit program

·Q/A session, doubt clearing session and closure of the training course

 

Last Day - Certification Exam

 

Final Assessment

·Q/A session & some case studies

·Small test (MCQ)

·Any clarification on request

 

Training Takeaway

Key changes between ISO 27002:2013 and ISO 27002:2022

Difference between ISO 27001 and ISO 27002

New ‘attribute’ feature

Changes to the main management system clauses

Changes in Annex A controls

Transitioning over to the new Standard

 

TRAINER PROFILES

 

Priti Sikdar

EVP Risk Advisory & Training, Riskpro India

Priti is an information security and data privacy professional with over 25 years of experience in the IT sector. She has vast experience in implementing systems to comply with ISO 27001, GDPR, Privacy Shield and GLBA, and in conducting ISMS audits, security and privacy risk assessments, and SOC 2 audits. Priti has worked for leading firms such as Grant Thornton, KPMG London and Sharp & Tannan.

 

 

Ritu A Thakkar

Vice President- IT Risk Advisory, Riskpro India

Ritu is a leading cybersecurity expert and information security professional with 18+ years of experience in implementation, training, and audits in ISMS, ISO 27001, ISO 9001, ISO 31000, ISO 22301, SOC 2, ISAE 3402, ERM, ITIL, GDPR, HIPAA, NIST & COSO, Enterprise Risk Management, ITGC, ITAC, Quality Management, QMS, Lean, QAI, Process Implementation, IT operations, CMMI, Agile and Software Development Lifecycle (SDLC), internal audits, threat intelligence, data protection, and compliance management.

 

2 TRAINING BATCHES AVAILABLE:

 

Evening Batch in December 2022

19th – 26th December 2022

5:30 PM - 8:30 PM IST

Final Assessment:

27th December 2022

10 AM to 11:30 AM IST

 

Full Day Batch in January 2023

11th – 14th January 2023

10 AM – 5 PM IST

Final Assessment:

16th January 2023

10 AM to 11:30 AM IST

 

TRAINING FEES PER PERSON PER BATCH:

Rs. 22,000 + 18% GST

 

FOR REGISTRATION, PLEASE CONTACT:

Priti Sikdar

Executive Vice President 

priti.sikdar@riskpro.in

9930721992

 

Anuj Bhatia

Manager- Sales and Corporate Training

anuj.bhatia@riskpro.in

9819315309