PECB Certified ISO 27001 Lead Auditor
PECB ISO/IEC 27001 Lead Auditor training course is designed to prepare you to audit an information security management system (ISMS) based on ISO/IEC 27001. During this training course, you will acquire the knowledge and skills to plan and carry out internal and external audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process.
Infoturbe juhtimissüsteemi auditi koolitus võimaldab osalejatel saada põhiteadmised ja oskused infoturbe juhtimissüsteemi (Information Security Management System – ISMS) vastavuse hindamiseks ja auditeerimiseks vastavalt rahvusvahelisele ISO/IEC 27001 standardile. Osalejad saavad hea ülevaate infoturbe protsesside planeerimisest ning auditeerimisest. Läbi praktiliste harjutuste ja juhtumianalüüside omandavad osalejad kogemuse auditi tehnikate kasutamiseks, auditi projekti edukaks juhtimiseks ning tulemuste kommunikeerimiseks.
Koolitusele järgneval päeval on võimalik sooritada rahvusvaheline sertifikaadieksam (inglise keeles). Positiivse eksamitulemuse olemasolul ja töökogemuse tingimuste täitmisel on osalejatel võimalik omandada rahvusvaheliselt tunnustatud „PECB Certified ISO/IEC 27001 Lead Auditor“ sertifikaat.
Sihtgrupp:
- asutuste ja ettevõtete audiitorid, siseauditi üksuse töötajad
- audiitorid, kellel vaja läbi viia infoturbe juhtimissüsteemide auditeid ja sertifitseerimist
- äri- ja IT-üksuse töötajad, vastavuskontrolli töötajad
- elutähtsa teenuse osutajad, kvaliteedikontrolli töötajad
Koolitusel osalemise eeldused (soovitavalt): varasem praktiline kokkupuude infoturbega või auditeerimisega.
Koolituse teemad
- Introduction to the information security management system (ISMS) and ISO/IEC 27001
- Audit principles, preparation, and initiation of an audit
- On-site audit activities
- Closing the audit
- Certification Exam
The “PECB Certified ISO/IEC 27001 Lead Auditor” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:
- Domain 1: Fundamental principles and concepts of Information Security Management System (ISMS)
- Domain 2: Information Security Management System (ISMS)
- Domain 3: Fundamental audit concepts and principles
- Domain 4: Preparation of an ISO/IEC 27001 audit
- Domain 5: Conducting an ISO/IEC 27001 audit
- Domain 6: Closing an ISO/IEC 27001 audit
- Domain 7: Managing an ISO/IEC 27001 audit program
After successfully completing the exam, you can apply for the credentials shown on the table below. You will receive a certificate once you comply with all the requirements related to the selected credential.
By the end of this training course, the participants will be able to:
- Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001;
- Interpret the ISO/IEC 27001 requirements for an ISMS from the perspective of an auditor;
- Evaluate the ISMS conformity to ISO/IEC 27001 requirements, in accordance with the fundamental audit concepts and principles;
- Plan, conduct, and close an ISO/IEC 27001 compliance audit, in accordance with ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and other best practices of auditing;
- Manage an ISO/IEC 27001 audit program.
Koolitaja:
PhD Andro Kull, certified ISO 27001 Lead Auditor
Andro Kull during his career, has worked in both sectors, public and private. In the previous years he has worked for the financial sector with regards to IT and information security, and for the energy sector with regards to IT risks, where security and continuity demands are very high. Kull started his career as IT specialist and IT manager, and has worked extensively as IT auditor and as IT risk manager for one of the largest company in Estonia. At the same time, he founded a small consulting company and managed projects related to IT risk assessment, the implementation of security measures, business continuity planning (BC), planning for recovery (DR), and crisis management mostly in public sector organizations.
The international environment is not new to Andro Kull, since he has participated in the European Central Bank internet payment security working group. Kull has been cooperating with the IT banking supervisors on an international level. Furthermore, he has organized one international conference in Tallinn. In addition, he has worked for European Union DG Connect as advisor connected with IT risk management recommendations development.
Andro Kull holds a PhD degree from the University of Tampere, concentrating on the IT oversight and compliance verification methodologies, and he currently is lecturing IT risk and information security management issues at the University of Tallinn.
Koolitushind sisaldab:
- Certification and examination fees are included in the price of the training course
- Training material containing over 450 pages of information and practical examples will be distributed
- An attestation of course completion worth 31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.
- In case of exam failure, you can retake the exam within 12 months for free.
Lisaks pakume:
- vajadusel tasuta korduskoolitust kui tunned, et mõni oskus vajab täiendamist või pidid endast mittesõltuvatel põhjustel koolituse katkestama.