Certified Information Security Lead Auditor (ISO 27001:2022)

Objective

Certified Information Security Lead Auditor (ISO 27001:2022) aims to certify the knowledge, skills and understanding necessary to develop competencies in the effective and efficient management of information security management system audits to ensure compliance with the requirements of the ISO/IEC 27001:2022 standard. For which, the candidate must be prepared, i.e. acquire sufficient knowledge for the application of the principles, methods, techniques and tools, if any, necessary in planning, conducting, monitoring and improving audits in accordance with ISO 19011, ISO/IEC 27007, ISO/IEC 17021-1 and ISO/IEC 27006 standards.

Aimed at

• Anyone with responsibility for the compliance of an information security management system (ISMS) with the ISO/IEC 27001 standard, as well as responsibility for the overall ISMS audit process from an internal and external perspective.
• Individuals who play the role of auditor and must know how to lead ISMS certification audits.
• People whose functions as part of a team, as consultants or technical experts in information security, require knowledge of how ISMS audits are managed and developed.
• Professionals in general who wish to know and understand how internal or external ISMS audits are conducted or how an ISMS audit program is managed.

Pre requirements

• Prerequisites for the certification exam: The candidate must have participated in the official training course provided by a GTA Accredited Training Organization (ATO), or have completed self-study using the official kit provided by Global Trust Association through its website. Previous knowledge of information security, risk and technology infrastructure management is recommended.

Main Subjects

General Introduction to Information Security Management.

20%

• Fundamentals of Information Security.
• Recognition of ISO/IEC 27000 Family Standards and Exploration of ISO/IEC 27001:2022 and ISO/IEC 27002:2022.

Understanding the Composition and Functioning of an Information Security Management System

20%

• Fundamentals of Management Systems and ISMS.
• Development of Clauses of the ISO/IEC 27001:2022 Standard.

Fundamental Aspects of Management Systems and ISMS Audits

20%

• Concepts, Terms and Main Standards of Management Systems and ISMS Audits.
• Principles of Management Systems Audits.
• Application of Key Approaches in Management Systems Audits.

Life Cycle Management of Audit Programs and Information Security Management System Audits

40%

• Management of an Audit Program in the Context of an ISMS (According to ISO 19011 and ISO/IEC 27007).
• Management of the Preparation and Conduct of an Audit in the Context of an ISMS (According to ISO 19011 and ISO/IEC 27007).

Ver temario completo