This course aims to provide the knowledge and skills to conduct internal audit on an organization’s Information Security Management Systems (ISMS). Helps the learners to understand the challenges of the organization in information security and contribute for the organization continual improvement in ISMS.
• Understand the requirements of ISO 27001(ISMS)
• Understand the purpose of ISO 27001
• Describe the role and responsibilities of an internal auditor in the audit process of ISMS
• Plan, prepare and execute internal audit for ISO 27001 through document review, site inspection, interview, and sampling management system internal audit effectively
• Define the audit scope, criteria, frequency, methodologies, responsibilities, and requirements
• Be able to plan, prepare and execute integrated management system internal audit effectively
• Develop the skills of evaluating significance of audit findings and developing appropriate corrective/preventive measure
• Preparation of audit report
• Explain the structure of ISO 27001 with the reference to PDCA (Plan-Do-Check-Act) cycle
• Helps the learner to implement and manage ISMS effectively
• Understand the advantages of ISMS
