The Chartered Quality Institute

Information security management systems auditor/lead auditor conversion course

A 3-day conversion course for existing auditors/lead auditors

The aim of this course is to provide auditors of other management systems with the knowledge and skills required to perform audits of information security management systems (ISMS) based on ISO 27001:2005, in accordance with guidelines provided in ISO 19011:2002.

The focus of the course is on auditing the effectiveness of an ISMS through the correct interpretation of ISO 27001:2005 and of legislative and regulatory requirements, and through the evaluation of risks in business operational processes.

Course content

  • ISMS principles, and the identification and assessment of the impact of information security processes and operations
  • the purpose, content and requirements of ISO 27001:2005
  • ISO 27001:2005 and its inter-relationship with:
    • other management systems such as ISO 9001
    • other standards including BS 7799-3:2006 guide for ISMS risk management and ISO 25999-1:2006 business continuity management
  • identification and maintenance of legislative and regulatory requirements
  • risk analysis and operational risk control
  • security incident preparedness and response management
  • continual improvement process of an ISMS
  • a review of ISMS auditing in accordance with ISO 19011:2002

Who should attend?

Professionals who have already attended a management system lead auditor course, but need an understanding of effective ISMS auditing.

Course style

  • interactive knowledge-based presentations
  • group work activities
  • practical skills development workshops and role-play
  • continuous and written assessments of delegates' performance

Pre-course requirements

Delegates must have:

  • attended an IRCA-certified (or equivalent) 5-day lead auditor course in QMS, EMS, FSMS or OH&SMS
  • relevant work experience
  • an understanding of the principles of risk management
  • familiarity with the relevant key information security legislation and good practice guides

Venue

The CQI, Hyde Park Corner, London. See Inside the CQI for more information about the venue.

This CQI Training course meets the Body of Quality Knowledge (BOQK) requirements for the following elements: 5.3, 5.6
It can be used to support your application for CQI corporate membership using the experiential route. Apply the acquired skills and knowledge in your workplace and use the outcomes as evidence of competence.
