Friday, 15 Azar 1398

Course Details

  • Course title: ISMS ISO 27000 Family
  • Course duration: 40 hours (5 sessions of 8 hours)
  • Course language: Persian

  • Course Resource Requirements:
    • ISMS Standards ISO 27001/BS7799 Standard, Certifications & Training materials
    • ISO Auditor Trainings-ISO Audit & Certification-Standards & Publications

  • Introduction to ISO 27001:2013 and concepts
    • 1: Introduction, Fundamental principles of Information Security and Auditor Certification
    • 2: World-Wide Recognition of Auditor Qualifications
    • 3: Reference Standards and Documents
    • 4: Learning Objectives
    • 5: Continuous Assessment (PDCA)
    • 6: Examination and ISO 27001 certification process
  • Requirements and Controls of ISO 27001:2013
    • 1: Quick Content Comparison ISO 27001:2013
    • 2: Contents of ISO 27001, Process approach and involved in establishing
    • 3: Implementing & operating the ISMS
    • 4: Monitoring & reviewing the ISMS
    • 5: Maintaining and improving the ISMS
    • 6: ISMS scope, boundaries
    • 7: ISO 27001 clauses
    • 8: Information Security Policy and Objectives
    • 9: Internal Audits, Management Reviews, Improvement.
    • 10: Asset Register
    • 11: Risk Assessment and Risk Treatment.
    • 12: Risk Assessment examination and Evaluation.
    • 13: Annex A Controls and ISO 27002
    • 14: Incident Management and Business Continuity.
    • 15: Introduction to SoA Examination and Evaluation.
  • Audit Planning and Preparation
    • 1: Fundamental audit concepts and principles
    • 2: Process of audit program management (observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation)
    • 3: Audit competence and evaluation methods
    • 4: Communication during the audit
    • 5: Audit Responsibilities
    • 6: Initial Document Review
    • 7: Preparation of an ISO 27001 certification audit
    • 8: Documenting an ISMS audit
    • 9: Audit plan
    • 10: ISMS Audit Checklists
    • 11: Drafting test plans
  • Process Audit Techniques and collecting evidence
    • 1: Process auditing, Auditor qualities
    • 2: Audit Script, Audit stages, Audit techniques
    • 3: Collecting evidence through questions
    • 4: Observation and collecting evidence through questions, checking, note taking
    • 5: Introduction to audit role playing
    • 6: Reporting the Audit Findings
    • 7: Audit team meeting
    • 8: Nonconformities and observation
    • 9: Evaluation of corrective action plans
  • Conclusion
    • 1: NCR Judgement and Reporting
    • 2: Reporting Audit Findings (Corrective actions and follow up)
    • 3: Review of the course