The aim of this course is to provide delegates with the knowledge and skills required to perform first, second and third-party audits of information security management systems against ISO/IEC 27001 (with ISO/IEC 27002), in accordance with ISO 19011 and ISO 17021, as applicable.
Successful completion of the course (including examination) will result in issuance of a certificate which may be used to support an application to become registered as an IRCA auditor. Being certified as an IRCA auditor is a clear statement that you are a recognized, qualified and capable auditing professional.
Recommended prior knowledge:
The knowledge of the principles and concepts for information security management systems including awareness of the need for information security, responsibilities, management commitments, using results of risk assessments and incorporation security as an essential element of information networks and systems are just as recommended as the knowledge of the requirements of ISO/IEC 27001 and terms and definitions as given in ISO/IEC 27000. Addition- ally the knowledge and understanding of the PDCA cycle will support a successful completion of the course.