Overview
The 5-day Lead Auditor training course aims to provide participants with the knowledge, and develop the skills and expertise necessary to:
- Audit a Quality Management System (QMS) based on ISO 9001:2015
- Ensure that the organization is competent in maintaining and continually improving its QMS
- Perform third party audits by applying widely recognized audit principles, procedures and techniques
- Proficiently plan and perform internal and external audits in compliance with ISO 19011 and the certification process according to ISO 17021.
- Manage audit teams and audit programmes, communicate with customers, resolve conflicts, etc.
Based on practical exercises, the participants will master the audit tools and techniques.

Empower Your Team with Industry-Leading Training Programs
Tailored corporate training for leadership, technical skills and professional development
- We serve corporate clients investing in people's knowledge, skills, and competencies, to improve business performance, enhance process, product and service quality, and achieve sustained growth and profitability.
- We understand the meaning of the business term "Voice of the Customer" and what constitutes "value" from the customer's point of view.
- We also understand the difference between "value" and "waste" from the business and individual learner point of view.
- We care about the people whose knowledge enhancement is entrusted to us by their organisation or by themselves.
- We focus on learning (not just on training, and issuing certificates) and providing post-training advice and support through workshops and consulting services.
Stratos Lazaridis
CEO The Marvel Academy
Corporate Training Solutions
Mob: +44 (0)749 114 7156
Contents
- Overview
- What is an ISMS?
- ISO/IEC 27000 Series - Information Security Management Systems
- ISO 27001:2013
- Certification to ISO 27001: 2013
- Our training courses
- Prerequisites
- Training delivery options

Levels of training in ISO 27001 provided by the FabAcademy:
- ISO 27001 Foundation
- ISO 27001 Lead Implementer
- ISO 27001 Internal Auditor
- ISO 27001 Lead Auditor
ISO/IEC 27001 Information Security Management Systems (ISMS) - Requirements
Overview
Information Security (or, more accurately, Information Assurance) is founded on three major concepts, i.e. Confidentiality, Integrity, and Availability (CIA), plus Non-repudiation. Managing these concepts is critical and, as information has increasingly become one of the modern currencies of society, it is the retention of assurance in an appropriate and cost-effective manner that has become of keen interest to businesses in all sectors, of all sizes and in all locations.
What is an ISMS?
Definition: an Information Security Management System (ISMS) is a:
- Set of policies, processes, and procedures, for systematically managing an organization's sensitive data.
- Systematic approach to managing sensitive company information (assets) so that it remains secure.
Goal: to minimize risk and ensure business continuity by pro-actively limiting the impact of a security breach.
Scope: an ISMS includes people, processes, data, information, and IT systems.
An ISMS can:
- Be focused on a particular type of data, such as customer data, or employee data
- Be implemented in a comprehensive way, that becomes part of the company's culture
- Help small, medium and large businesses, in any industry sector keep information assets secure.
ISO/IEC 27000 Series - Information Security Management Systems
The ISO/IEC 27000 family of standards:
- Helps organizations keep information assets secure.
- Helps your organization to manage the security of assets, such as financial information, intellectual property, employee details or information entrusted to you by third parties.
ISO 27000: Overview and Vocabulary, is a standard in the ISO 27000 series.
ISO 27001
The ISO 27001 standard:
- Sets out the requirements for an ISMS
- Is the only standard in the family that can be certified to (although this is not a requirement)
- Offers more flexibility in terms of the information risk assessment methodology than the older version of the standard
- Introduced a new concept: the risk owner ("person or entity with the accountability and authority to manage a risk" - ISO 27000).
- Can be used by any organization, large or small, regardless of its field of activity.
Using ISO 9001 helps ensure that customers get consistent, good quality products and services, which in turn brings many business benefits.
Certification to ISO 27001
Checking that the Information Security Management System (ISMS) is correctly implemented and is effective in meeting the set objectives is very important.
To ensure that the ISMS is functioning properly, it is strongly recommended that an organization performs regular internal audits.
It is a business decision to:
- Invite an independent certification body (registrar), to verify that the ISMS is in conformity to the ISO 27001: 2013 standard; however, this is not a requirement.
- Invite its clients to audit the ISMS for themselves.
Our Training Courses
The FabAcademy provides training in ISO 27001 at four (4) levels: Foundation, Internal Auditor, Lead Implementer and Lead Auditor.
We also deliver a condensed 5-day course, covering all four levels: Foundation (1d), Internal Auditor (1d), Lead Implementer (1 day), Lead Auditor (2 days).
Prerequisites
The following are general prerequisites for attending our training courses:
- Proficiency in the English language
- Consideration for other course participants
- Willingness to actively participate during the training sessions, and an open mind to learn.
Training Delivery Options
Although we primarily deliver training to corporate clients, we also train small groups (min. 3 delegates) of individual learners who are interested in updating or upgrading their knowledge and skills, and advancing in their careers. This training is delivered online (virtual classroom) and is instructor-led.
We also deliver on-site, closed-group training, as well as online instructor-led training, for corporate/business clients (B2B).
Book now to reserve, as applicable, an on-site or online instructor-led training event of your choice.
For more details about our:
- List of training courses please click here.
- Consulting services please click here.
- Workshops please click here.
For queries, including non-obligation quotes, please contact us.

