It's a PECB certified self-study course with price of HKD 6,800 (or USD 900) by DQS HK.
ISMS-LA-SP
- Auditors seeking to perform and lead Information Security Management System (ISMS) certification audits
- Managers or consultants seeking to master an Information Security Management System audit process
- Individuals responsible for maintaining conformance with Information Security Management System requirements
- Technical experts seeking to prepare for an Information Security Management System audit
- Expert advisors in Information Security Management
After successfully completing the study and passing the exam, you can apply to PECB for:
- Certified Auditor qualification, if you have:
- - 2 years' professional experience, including 1 year in Information Security Management, and
- - audit activities of 200 hours;
- Certified Lead Auditor qualification, if you have:
- - 4 years' professional experience, including 2 year in Information Security Management, and
- - audit activities of 300 hours;
- Certified Senior Lead Auditor qualification, if you have:
- - 10 years' professional experience, including 7 year in Information Security Management, and
- - audit activities of 1,000 hours.
By the end of this training course, the participants will be able to:
- Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001
- Interpret the ISO/IEC 27001 requirements for an ISMS from the perspective of an auditor
- Evaluate the ISMS conformity to ISO/IEC 27001 requirements, in accordance with the fundamental audit concepts and principles
- Plan, conduct, and close an ISO/IEC 27001 compliance audit, in accordance with ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and other best practices of auditing
- Manage an ISO/IEC 27001 audit program
It's designed for a 5-day course, to be completed normally within 4 months. The listed date is just for reference.
- Training course objectives and structure
- Fundamental audit concepts and principles
Day 3 - On-site audit activities
Duration: 3 hours
The exam covers the following competency domains:
- Domain 1: Fundamental principles and concepts of Information Security Management System (ISMS)
- Domain 2: Information Security Management System (ISMS)
- Domain 3 Fundamental audit concepts and principles
- Domain 4 Preparation of an ISO/IEC 27001 audit
- Domain 5 Conducting an ISO/IEC 27001 audit
- Domain 6 Closing an ISO/IEC 27001 audit
- Domain 7 Managing an ISO/IEC 27001 audit program
