The aim of this course is to provide students with theknowledge and skills required to perform first, second andthird-party audits of information security management systemsagainst ISO/IEC 27001 (with ISO/IEC 27002), in accordance withISO 19011 and ISO 17021, as applicable.
Course benefits
On completion, successful students will have the knowledgeand skills to:
Explain the purpose and business benefits of aninformation security management system standards,management system audits and of third-party certification.
Explain the role of an auditor to plan, conduct, reportand follow up an information security management systemaudit and or establish conformity (or otherwise) with ISO/IEC27001 (with ISO/IEC 27002) in accordance with ISO 19011 (and ISO 17021 where appropriate).
Who should attend
This course is recommended for anyone who is planning toperform internal audits/preparing to become an external auditor ofInformation Security Management Systems. This course is highly interactive in nature with emphasis onactive involvement of students in group-work, brainstormingsessions, quizzes and students sharing their experiences with eachother. The tutor will provide his theoretical inputs to supplementthe course and impart applied knowledge to various situations.
...%%%
...
Pre-requisites
- For succesful completion of this course, we recommend the following prior knowledge:
a) Management systems - Understand the Plan-Do-Check-Act (PDCA) cycle
b) Knowledge of the following information securitymanagement principles and concepts:
- Awareness of the need for information security
- The assignment of responsibility for information security
- Incorporating management commitment and the interestsof stakeholders
- Enhancing societal values
- Using the results of risk assessments to determineappropriate controls to reach acceptable levels of risk
- Incorporating security as an essential element ofinformation networks and systems
- The active prevention and detection of informationsecurity incidents
- Ensuring a comprehensive approach to informationsecurity management
- Continual reassessment of information security andmaking of modifications as appropriate.
c) ISO/IEC 27001 Knowledge of the requirements of ISO/IEC 27001 (with ISO/IEC 27002) and the commonly usedinformation security management terms and definitions, asgiven in ISO/IEC 27000.
%%%Med mere end 70.000 certifikater udstedt på verdensplan, har DNV GL i årevis været den foretrukne certificeringspartner for mange internationale organisationer samt mindre og mellemstore virksomheder.
DNV GL's lokale tilstedeværelse, globale erfaring og anerkendte faglige kompetence på tværs af brancher bidrager til et godt samarbejde med vores kunder. Vi samarbejder med vores kunder for at hjælpe dem med at skabe værdi, og til at opfylde økonomiske, sociale og miljømæssige krav og udfordringer - uanset industri, branche eller størrelse på organisationen.
Gennem vores certificering, verificering, assessments og kursus ydelser, styrker vi vores kunders organisationer, produkter, medarbejdere, faciliteter og forsyningskæder.
Vores kerneområder er:
* Certificering af ledelsessystemer - Vi har udstedt mere end 70.000 certifikater.
* Supply Chain Management
* Produktcertificering - Sikre adgang til globale markeder og mere bæredygtige produkter.
* Verifikation
* Personcertificering- Sikre og skabe tillid til individuelle kompetencer.
* Uddannelse – Inden for kvalitet, miljø, arbejdsmiljø og audit
Vores mission er at beskytte liv, ejendom og miljø, da DNV GL gerne vil bidrage til en sikker og bærerdygtig fremtid.