ISO 27001 Lead Auditor Training


Course Objective

To gain a comprehensive understanding of the ISO 27001 standard, the key processes for implementing ISO 27001 in an organization, the steps in certification, and the knowledge needed to become a key implementer.

Schedule For Training

Section 1

  • Introduction to the ISO 27001 standard and the management of an Information Security Management System (ISMS) based on ISO 27001 requirements.
  • Explanation of key definitions and terms used in ISO 27001
  • Fundamental principles of Information Security
  • Introduction to Clauses 4-10 and the Annex A controls
  • Preliminary preparedness analysis and determining the level of maturity of the existing management of the Information Security
  • Writing the business case and preliminary design of the ISMS
  • Developing a project plan for compliance with ISO/IEC 27001:2013

Section 2

  • Initiating the ISO 27001 project
  • Definition of roles & responsibilities
  • Drafting of the ISMS policy
  • Defining the scope of the ISMS
  • Drafting the Statement of Applicability (SOA)
  • Risk management methodology, risk assessment & risk treatment under ISO 27001

Section 3

  • Implementing the ISMS based on ISO 27001 standard
  • Preparation of mandatory documentation
  • Design of controls and writing procedures
  • Assessing risk as per ISO 27001 requirements
  • Implementation of controls
  • Development of a training & awareness program and communicating the significance of the implementation program.
  • Incident Management procedures
  • Operations management of an ISMS

Section 4

  • Internal audit of the controls, policies, and overall status of the ISMS
  • Certification audit of the ISMS according to ISO 27001
  • Performance monitoring and setting of metrics: key performance indicators and the dashboard
  • Management review of the ISMS
  • Implementation of a continuous improvement program

Final Assessment

  • Q&A session & case studies
  • Short test (MCQ)
  • Clarifications on request

Dates and Timing:

Sections 1 - 4 will be covered from 19th to 28th October 2021, 5:30 PM - 8:30 PM IST. The Final Assessment will take place on 29th October 2021, 10:00 AM - 11:30 AM IST.

Training Takeaway

  • A greater understanding of ISO 27001
  • Practicing your internal auditing skills
  • Understanding areas to be audited
  • Understanding techniques/approaches to consider
  • Understanding organizational issues when maintaining and auditing framework processes

Training Fees Per Person: Rs. 18,000 + GST

Training Dates/Duration: 19th to 29th October 2021

Trainer Profile: Priti Sikdar, EVP Risk Advisory & Training, Riskpro India

Priti Sikdar is an information security and data privacy professional with over 25 years of experience in the IT sector. She has vast experience in the implementation of systems to comply with ISO 27001, GDPR, Privacy Shield, and GLBA, in conducting ISMS audits, security and privacy risk assessments, and SOC 2 audits. Priti has worked for leading firms such as Grant Thornton, KPMG London, and Sharp & Tannan.