ISO 27001 Implementation and Internal Auditor courses

Implementation

AVAILABLE VIA LIVE STREAM

The 3-Day ISO 27001:2013 Implementation training course provides a systematic look into the ISO 27001:2013 Information Security Management Systems – Requirements International Standard, focusing on:

  • The foundation of ISO 27001:2013 based on the common framework adopted by all ISO standards: High Level Structure (HLS), common text, and common terminology.
  • In-depth overview of each clause of the ISO 27001:2013 standard, explaining what the standard says, how to implement the standard in the real world, and how to audit it.
  • In-depth overview of Annex A, reviewing each control objective within the 14 controls.

This course was designed by Mireaux based on decades of experience implementing management systems, auditing management systems, and being audited.

The course is filled with practical exercises and real application examples to help participants develop a hands-on understanding that will facilitate the implementation of a world-class Information Security Management System.

Learning Objectives

By the end of the course, participants should have attained knowledge and understanding of the following concepts:

  • Information security definitions and terminology
  • Background and objectives of ISO 27001:2013
  • How to apply the Process Approach to identify the organization’s core and support processes that make up the basis of the Scope of the Information Security Management System.
  • Each of the ISO 27001:2013 standard’s clause requirements.
  • Each of the controls of Annex A, and how to implement them.
  • The necessary steps to implement a brand new Information Security Management System.
  • Risk assessment and risk treatment requirements, with a clear methodology to conduct both.
  • The certification process.

Internal Auditor

AVAILABLE VIA LIVE STREAM

The 4-Day ISO 27001:2013 Internal Auditor training course encompasses the following:

  • Mireaux’s 3-day ISO 27001 Implementation course
  • 1-day Internal Auditing Techniques

The course is essentially three days of hands-on training on the ISO 27001:2013 Information technology — Security techniques — Information Security Management Systems – Requirements International Standard, plus one day of training in auditing techniques. This course focuses on:

  • The foundation of ISO 27001:2013 based on the common framework adopted by all ISO standards: High Level Structure (HLS), common text, and common terminology.
  • In-depth overview of each clause of the ISO 27001:2013 standard, explaining what the standard says, how to implement the standard in the real world, and how to audit it.
  • In-depth overview of Annex A, reviewing each control objective within the 14 controls.
  • The fundamental requirements to create an Internal Audit Program and conduct Internal Audits in accordance with ISO 19011:2018, “Guidelines for Auditing Management Systems”.

This course was designed by Mireaux based on decades of experience implementing management systems, auditing management systems, and being audited.

A well-structured Case Study and Role-playing audit scenarios help develop a hands-on understanding that will facilitate the implementation of an effective Information Security Management System and Internal Audit program.

Learning Objectives

By the end of the course, participants should have attained knowledge and understanding of the following concepts:

ISO 27001:2013 standard

  • Information security definitions and terminology
  • Background and objectives of ISO 27001:2013
  • How to apply the Process Approach to identify the organization’s core and support processes that make up the basis of the Scope of the Information Security Management System.
  • Each of the ISO 27001:2013 standard’s clause requirements.
  • Each of the controls of Annex A, and how to implement them.
  • The necessary steps to implement a brand new Information Security Management System.
  • Risk assessment and risk treatment requirements, with a clear methodology to conduct both.
  • The certification process.

Internal Auditing Techniques

  • Roles and responsibilities of Internal Auditors
  • How to plan Internal Audits
  • How to execute Internal Audits through interviews and review of documentation
  • How to write clear nonconformities and effective Internal Audit reports
  • Following up on nonconformities

The ISO 27001:2013 Implementation training course does not have any prerequisite courses.

For individuals with little or no previous knowledge of ISO 27001 or Information Security Management Systems who would like to maximize their knowledge, we recommend Mireaux’s Fundamentals or Advanced Document Control course as a preamble and introduction to management systems.

The topics in this course include:

  • Introduction to ISO 27001:2013
  • Information Security, Risk Assessment and Asset concepts and definitions
  • Structure of ISO 27001:2013 Standard
  • The ISO 27001:2013 Standard – Clauses 4 through 10
    • Clause 4: Context of the organization
    • Clause 5: Leadership
    • Clause 6: Planning
    • Clause 7: Support
    • Clause 8: Operation
    • Clause 9: Performance evaluation
    • Clause 10: Improvement
  • Control Objectives and Controls of Annex A
    • A.5 Information security policies
    • A.6 Organization of information security
    • A.7 Human resource security
    • A.8 Asset management
    • A.9 Access control
    • A.10 Cryptography
    • A.11 Physical and environmental security
    • A.12 Operations security
    • A.13 Communications security
    • A.14 Systems acquisition, development and maintenance
    • A.15 Supplier relationships
    • A.16 Information security incident management
    • A.17 Information security aspects of business continuity management
    • A.18 Compliance

This course can be delivered via:

  • Public Training via Live Stream
  • Private Training at your facility, via Live Stream, or both

Live Stream Participants will need the following tools to effectively complete this course:

  • Computer or laptop with MS Windows software or operating system compatible with MS Teams
  • Audio and visual equipment (e.g., webcam, microphone, headset)
  • Strong Internet Connection

Participants will receive printed comprehensive reference material, including:

  • Training Course Workbook
  • Workshops
  • Training copy of the ISO 27001:2013 standard

Live Stream: Training course material will be shipped to participants 3-5 days prior to the start of training, to the shipping address provided at the time of registration.

In-Person: Training course material will be provided to participants on the first day of their arrival.

The duration of this course is three days, as follows:

  • Day 1: 8:30 AM to 4:30 PM (CST)
  • Day 2: 8:30 PM to 4:30 PM (CST)
  • Day 3: 8:30 PM to 4:30 PM (CST)

Participants’ successful completion of the course is determined by:

  • Active participation and completion of workshops administered at various stages of the class.
  • Completion of Test.

A Certificate of Completion is provided to all participants upon successful completion of the course. The Certificate awards a total of 2.1 CEUs to participants who attend the entire duration of the course and pass the Test with a minimum score of 70%.

Mireaux courses are certified by Exemplar Global under the Recognized Training Provider program.  Participants attending this course will receive the following benefits:

  • 12 months of ongoing professional development and support through direct access to a series of tailored learning content.
  • Exemplar Global Graduate certificate to enhance their employment potential.
  • Access to an exclusive LinkedIn community to interact with other graduates and industry professionals to promote networking opportunities and skill sharing.
  • Continuing professional development opportunities through access to webinars, online articles, and events.
  • Greater support on their career path.

The ISO 27001:2013 Internal Auditor training course does not have any prerequisite courses.

For individuals with little or no previous knowledge of ISO 27001 or Information Security Management Systems who would like to maximize their knowledge, we recommend Mireaux’s Fundamentals or Advanced Document Control course as a preamble and introduction to management systems.

The topics in this course include:

  • Introduction to ISO 27001:2013
  • Information Security, Risk Assessment and Asset concepts and definitions
  • Structure of ISO 27001:2013 Standard
  • The ISO 27001:2013 Standard – Clauses 4 through 10
    • Clause 4: Context of the organization
    • Clause 5: Leadership
    • Clause 6: Planning
    • Clause 7: Support
    • Clause 8: Operation
    • Clause 9: Performance evaluation
    • Clause 10: Improvement
  • Control Objectives and Controls of Annex A
    • A.5 Information security policies
    • A.6 Organization of information security
    • A.7 Human resource security
    • A.8 Asset management
    • A.9 Access control
    • A.10 Cryptography
    • A.11 Physical and environmental security
    • A.12 Operations security
    • A.13 Communications security
    • A.14 Systems acquisition, development and maintenance
    • A.15 Supplier relationships
    • A.16 Information security incident management
    • A.17 Information security aspects of business continuity management
    • A.18 Compliance
  • Auditing Terms and Definitions
  • Principles of Auditing and Auditor Competence
  • Audit Planning and Audit Agenda
  • Document Review and Checklists
  • Performing the Audit:
    • Opening meeting
    • Audit Performance and Audit Findings
    • Writing Nonconformities
    • Closing Meeting and Audit Report
  • Audit Follow Up
  • Keeping your Auditing Skills Sharp

This course can be delivered via:

  • Public Training via Live Stream
  • Private Training at your facility, via Live Stream, or both

Live Stream Participants will need the following tools to effectively complete this course:

  • Computer or laptop with MS Windows software or operating system compatible with MS Teams
  • Audio and visual equipment (e.g., webcam, microphone, headset)
  • Strong Internet Connection

Participants will receive printed comprehensive reference material, including:

  • Training Course Workbook
  • Workshops
  • Training copy of the ISO 27001:2013 standard

Live Stream: Training course material will be shipped to participants 3-5 days prior to the start of training, to the shipping address provided at the time of registration.

In-Person: Training course material will be provided to participants on the first day of their arrival.

The duration of this course is four days, as follows:

  • Day 1: 8:30 AM to 4:30 PM (CST)
  • Day 2: 8:30 PM to 4:30 PM (CST)
  • Day 3: 8:30 PM to 4:30 PM (CST)
  • Day 4: 8:30 PM to 4:30 PM (CST)

Participants’ successful completion of the course is determined by:

  • Active participation and completion of workshops administered at various stages of the class.
  • Completion of Implementation and Internal Auditor Tests

A Certificate of Completion is provided to all participants upon successful completion of the course. The Certificate awards a total of 2.8 CEUs to participants who attend the entire duration of the course and pass the Tests with a minimum score of 70%.

Mireaux courses are certified by Exemplar Global under the Recognized Training Provider program.  Participants attending this course will receive the following benefits:

  • 12 months of ongoing professional development and support through direct access to a series of tailored learning content.
  • Exemplar Global Graduate certificate to enhance their employment potential.
  • Access to an exclusive LinkedIn community to interact with other graduates and industry professionals to promote networking opportunities and skill sharing.
  • Continuing professional development opportunities through access to webinars, online articles, and events.
  • Greater support on their career path.