Training for internal auditors in accordance with the ISO 27001:2013 standard
This seminar is intended for people who work on implementing information security according to ISO 27001/27002:2013 and/or for people who will take part in internal audits of the established system.
Knowledge about ISO 27001/27002: 2013 is not a prerequisite for participation.
Familiarize participants with an information security management system based on ISO 27001/27002:2013. Train attendees to plan, organize and carry out internal audits, to identify non-conformities, and to propose corrective and preventive actions.
Introduction to Information Security Management
PDCA model in the processes of information security management
Key concepts in the management of information security
Understanding the requirements of ISO 27001:2013:
- Requirement group 4: Organization context
- Requirement group 5: Leadership
- Requirement group 6: Planning
- Requirement group 7: Support
- Requirement group 8: Operations
- Requirement group 9: Evaluating performance
- Requirement group 10: Improvements
Understanding the requirements of Annex A - ISO 27002:2013
- A.5: Information security policy
- A.6: Information security organization
- A.7: Human resource security
- A.8: Asset management
- A.9: Access control
- A.10: Cryptography
- A.11: Physical and environmental security
- A.12: Operations security
- A.13: Communications security
- A.14: System acquisition, development and maintenance
- A.15: Supplier relationships
- A.16: Information security incident management
- A.17: Information security aspects of business continuity management
- A.18: Compliance
Planning ISMS internal audits
Creating an internal audit plan
Preparing an audit checklist
Conducting internal audits
Writing an audit report
Writing a non-conformity report
Numerous case studies with active participation by attendees
Internal auditor exam
- The seminar lasts 3 days
- Theoretical and practical work with exercises
- Exam after the seminar is finished
All attendees who pass the internal auditor exam receive the certificate: ISO 27001:2013 Internal Auditor of an Information Security Management System.
Everyone else receives the participation certificate.
Prof.dr.sc. Zdravko Krakar and dr.sc. Silvana Tomić Rotim, Lead Auditor, CISA
3.450,00 kn + VAT
The price includes: a collection of slides and work materials for the lecture and exercises, internal auditor certificate (in case of a successfully passed exam), lunch and refreshments during breaks.
ZIH d.o.o., tel: 01/4855-271, 4855-273; fax: 01/4855-272; e-mail: firstname.lastname@example.org
By submitting a completed application form.