Information Security 27001 Lead Auditor – ISO 27001 training


Acquire the expertise to lead audit teams and to audit an Information Security Management System (ISMS) implemented according to the requirements of the ISO/IEC 27001 international standard.

 

In addition to covering the standard, the Information Security 27001 Lead Auditor course includes a practical part, guided by a case study: the methodology for auditing an Information Security Management System, developed using ISO audit requirements and best practices and other audit-related guidance. Beyond learning the concepts, principles and requirements of ISO/IEC 27001 and audit conformity for ISO/IEC 27001, participants will learn to put an ISO/IEC 27001 audit program into practice, based on a customized audit methodology proposed by BEHAVIOUR.

During the course, participants will develop the resources needed to support the implementation and maintenance of an audit program, including the necessary templates and other resources that support internal or external audit assignments using ISO and other recommended audit practices in the market. This approach gives participants the knowledge and skills needed to develop and adapt their own audit tools in response to the requirements of real-world contexts.

The fundamental knowledge from the Information Security 27001 Foundation course is included in this course, so attending the Foundation course or holding the Foundation certification is not a prerequisite. This course is not part of a training path.

The training materials have been updated with the latest published editions of all related best practices. They also take into account the latest edition of the ISO/IEC 27001:2022 standard and the latest edition of the ISO/IEC 27002:2022 standard.

 


Upcoming GUARANTEED DATES (*): 11-Apr-2023, Live Training; 20-Jun-2023, Live Training


Course rating: 4.8 out of 5


Introduction

This course is available in classroom and Live Online Training formats. Live Online Training brings the dynamic environment of the classroom to your desk. Using your computer, you interact with the trainer and the other trainees as if you were with them in the classroom.
On this course, students will acquire the expertise to develop an audit program, lead audit teams and audit an Information Security Management System (ISMS) established according to the requirements of the ISO/IEC 27001 International Standard.
Besides the fundamental concepts related to information security and a detailed clause-by-clause overview of the ISO/IEC 27001 standard and its controls, the course leads students through a step-by-step customized methodology to prepare and conduct internal and external audits in compliance with the ISO/IEC 27001 international standard. The ISMS audit program and its process covered on this course are supported by the ISO 19011, ISO/IEC 27007, ISO/IEC 27008, ISO/IEC 17021-1 and ISO/IEC 27006 standards, and other internationally recognized audit best practices.
The customized audit methodology helps students transform the knowledge and expertise they have learned into real-world practice. Applying this knowledge, students will be able to draft and implement their own audit program, including the design of the tools and techniques required to support the audit program and perform their internal and external audit assignments.
Based on a case-study organization adapted from the real world, and supported by several approaches, templates, and other tools, including discussions and practical exercises, students will team up with their peers during this course and will be challenged to demonstrate their Lead Auditor skills by auditing the ISMS of this organization. This training methodology trains and prepares students to successfully perform audits in conformity with the ISO/IEC 27001 standard in a real-world environment.

Methodology
This course is based on theoretical and practical sessions supported by a case study adapted from the real world.
The course includes hands-on practical and theoretical exercises to:
  • better prepare the students for real-world challenges
  • prepare for the certification exam and increase the likelihood of success on it
  • train and prepare professionals for leading ISMS audits and achieve/assess for ISO/IEC 27001 certification
This course is available to be delivered in a Classroom and Live-Training model.
Live Training brings the dynamic environment of the classroom to your desk. Using your computer, you interact with the trainer and the trainees as if you were with them in the classroom.

Target audience
This course is intended for:
  • Information security and IT consultants, or other IT/IS experts, who need to perform internal or external audits
  • Internal auditors participating in or leading ISO/IEC 27001 audits
  • External auditors hired by contract to perform internal audits, or requiring the knowledge needed to work with Organization Certification Bodies performing ISO/IEC 27001 certification audits
  • Managers or heads of audit departments wanting to complement their knowledge on how to establish an ISO/IEC 27001 compliant audit program
  • Project managers leading or preparing to lead an ISO/IEC 27001 implementation program who need to understand the ISMS audit requirements and want to establish an ISO/IEC 27001 compliant audit program
  • Any professional involved in the implementation or operation of an ISMS based on ISO/IEC 27001 wanting to better understand the audit process
  • Anyone who wants to acquire the knowledge needed to audit an ISO/IEC 27001 ISMS

Prerequisites
Students should understand English, as the course documentation is in this language. Please consult BEHAVIOUR to verify the availability of the course in other languages.

Duration (days)
5 days

General objectives
At the end of this course students will be able to:
  • Understand the fundamental information security concepts, and the main requirements and controls of ISO/IEC 27001
  • Get to know and understand the correlation of the ISO/IEC 27000 family standards, including ISO/IEC 27001, ISO/IEC 27002, and related ISO and other best practices, legislation and regulation
  • Understand the ISO/IEC 27001 certification process
  • Understand the fundamental audit concepts and principles based on the ISO 19011 standard
  • Establish, implement, maintain, and improve an internal audit program compliant with the requirements of ISO/IEC 27001 and supported by the most recent ISO and related audit best practices
  • Understand the requirements and know how to prepare and plan ISMS compliant ISO/IEC 27001 audits
  • Understand the main roles, including the auditor role, competence requirements and the communication requirements to successfully perform an audit
  • Conduct ISO/IEC 27001 internal and external audits, either first-party, second-party or third-party audits
  • Draft and/or implement the required templates, tools, and techniques to support an audit program and an ISO/IEC 27001 audit
  • Identify and record findings, including nonconformities to establish conclusions and draft the audit report
  • Understand and implement the needed activities to complete an ISO/IEC 27001 audit, including ensuring the implementation of the required audit follow-up activities
  • Use the audit process to support the organization on the continuous compliance with ISO/IEC 27001, and on the maintenance of the ISO/IEC 27001 certification

Program
  1. Introduction to Information Security, the ISO/IEC 27001 standard, and related best practices
    • Course introduction
    • Information security standards, legislation, and regulation
    • Advancing for ISO/IEC 27001 Certification
    • Information security fundamentals
    • Presentation and overview of the ISMS requirements (Part 1- Clauses 4 to 6.1)

  2. ISMS and Audit concepts and principles
    • Presentation and overview of the ISMS requirements (Part 2 - Clauses 6.2 to 10; and Annex A)
    • Introduction to audit concepts and principles based on ISO 19011

  3. Preparation, planning and initiating an audit; Conducting documentation and on-site audit activities
    • Internal audit program
    • Preparation and planning for ISMS audits
    • Communicating during the audit
    • Planning and initiating the audit
    • Conducting the Stage 1 documentation audit
    • Summarizing information and planning for the Stage 2 on-site audit
    • Conducting the Stage 2 on-site audit

  4. Conducting on-site audit activities and closing the audit
    • Obtaining and verifying information: audit methods and audit tests
    • Identifying and recording audit findings
    • Preparing for audit conclusions
    • Closing the audit; prepare and distribute the audit report
    • Audit follow-up activities
    • Maintaining the ISO/IEC 27001 certification
    • Personnel certification and closing the training

  5. Certified Information Security 27001 Lead Auditor (CIS27001LA) Exam (Part 1 & Part 2)

Exam
The “Certified Information Security 27001 Lead Auditor” exam covers the following competence domains:
  • Domain 1: Information security fundamentals and ISO/IEC 27001 requirements
  • Domain 2: Fundamental audit concepts and principles based on ISO 19011
  • Domain 3: Establish and maintain an ISO/IEC 27001 internal audit program
  • Domain 4: Prepare and plan ISO/IEC 27001 audit activities
  • Domain 5: Conduct ISO/IEC 27001 audit activities
  • Domain 6: Complete and close ISO/IEC 27001 audit activities
Language(s): English and Portuguese (please consult BEHAVIOUR for availability on additional languages).
Exam details: Two-part exam.
Duration: 1 hour (part 1); 3 hours (part 2).
Results: “Pass or Fail” quantitative score for part 1 and qualitative score for part 2. In the case of a failure, the result will be accompanied by the list of domains in which you had a mark lower than the passing grade. If the candidate fails either part of the exam, the candidate is entitled to one free retake within a 1-year period from the initial exam date.
Passing score: 260/400 marks (part 1); and 700/1000 marks (part 2).
Exam type: Multiple-choice questions (part 1); Scenario-based open questions (part 2).

Certification
After successfully completing the certification exam, participants may apply for one of the three available credentials for this personnel certification scheme, depending on their level of experience.
  • Certified Information Security 27001 Associate Auditor: no previous experience required
  • Certified Information Security 27001 Auditor: 2 years of experience in information security and audits
  • Certified Information Security 27001 Lead Auditor: 5 years of experience in information security and audits
A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential. Candidates also receive the digital badge of the certification achieved.
The “Certified Information Security 27001 Lead Auditor” personnel certification program is drafted and maintained according to the ISO/IEC 17024 standard.

Trainer
Our trainers are renowned consultants and auditors with several years of experience in implementation, auditing and training for the ISO 27000 family, with a particular focus on ISO 27001, ISO 27005 and associated standards.

General Information
CLASSROOM TRAINING
  • Classroom training in Portuguese or English.
  • Training materials in English.
  • Practical step-by-step audit methodology.
  • Behaviour Training Attendance Certificate with 32 CPD/CPE credits.
  • Certification exam in English and Portuguese.
  • Digital certification diploma and digital certification badge, after passing the exam and completing the application process. This registration has no associated cost.
  • If the candidate does not pass the exam, the candidate is entitled to one free retake within a maximum period of 12 months from the date of the initial exam.
  • Morning and afternoon coffee breaks (applies to all training held at Behaviour's premises).
LIVE ONLINE TRAINING
  • Training in Portuguese or English.
  • Training materials online and in English, with online access, information and practical examples.
  • Practical step-by-step audit methodology.
  • Digital Behaviour Training Attendance Certificate with 32 CPD/CPE credits.
  • Online certification exam, in Portuguese and English. The exam may be taken up to 3 months after completing the course.
  • Digital certification diploma and digital certification badge, after passing the exam and completing the application process. This registration has no associated cost.
  • If the candidate does not pass the exam, the candidate is entitled to one free retake within a maximum period of 12 months from the date of the initial exam.

Benefits
  • ISO/IEC 27001 is an auditable Information Security Management System (ISMS).

  • ISO/IEC 27001 allows certification and international recognition of an organization; access to new markets and optimization of operations; and improves quality, increases productivity, competitive advantage, customer satisfaction and sales revenues.

  • The Information Security 27001 Lead Auditor course bases its pedagogical model on a certification program based on the ISO/IEC 17024 standard, which defines the requirements for certification of people, fulfilling the recommendations of ISO.

  • The Information Security 27001 Lead Auditor course is geared towards auditing against the standard through a step-by-step audit process. Throughout the course, in addition to the basic concepts of an ISMS, it presents the steps needed to prepare and start the ISMS audit process and to manage audits through an audit program. This includes the selection of the approach, the audit methodology, the selection and skills of the auditors, and the steps and approaches for collecting evidence and drafting findings, including nonconformities, among other activities needed to prepare the auditor to audit the ISMS of their organization or to participate in and lead audits for a certification body, using audit best practices according to ISO 19011 and the requirements for certification bodies in ISO/IEC 17021-1.

  • One of the strengths of the Information Security 27001 Lead Auditor course, in addition to the inclusion of implementation methodology, is that it prepares professionals for ISO/IEC 27001 certification audits and for registration with the certifying body. To this end, it addresses the recommendations of ISO 19011 and of ISO/IEC 17021-1 (requirements for certification bodies).

  • The certification exam is monitored by an official Behaviour administrator.

  • The Certified Information Security 27001 Lead Auditor certification exam is a two-part exam conducted at the end of the course, on the last day of training. It focuses on development questions and case studies, allowing the certifying entity to measure the candidates' knowledge more effectively.

  • Upon success in the exam, the professional will achieve one of the Information Security 27001 certification levels. In case of failure, the professional may repeat the exam at no additional cost, within 1 year after the date of the first examination.

  • Behaviour Pedagogical Model aims to provide a learning environment conducive to acquisition of competences, in accordance with objectives of each training program. Promoting interaction, participation and appreciation of experiences, we contribute to meaningful learning, certification and international recognition but, above all to the development of critical thinking and autonomy.

  • Behaviour is an organization accredited by DGERT (Portuguese Government Entity) and has its Quality Management System (QMS) implemented in accordance with the requirements of ISO 9001, the requirements of DGERT, the requirements of the European standard NP 4512 and the standard ISO 10015.

Dates and Price

Click “Price and Registration” for more information, including the price:

Guaranteed Dates Program (*)
(*) All dates for this course are guaranteed for events held in Lisbon. In other locations, events are subject to a minimum number of participants.
At Behaviour, all courses in Lisbon take place regardless of the number of trainees in the room. The concept of forming classes does not exist in Behaviour's pedagogical model, which is why all public dates on the site are guaranteed. So, whether you are in Portugal or anywhere else in the world, you can plan your week and your trip, as long as you secure your registration on the course.

Volume Discounts
Behaviour gives companies discounts depending on the total number of participants registered. Request a quote for the number of participants you intend to register from training@behaviour-group.com or talk to us via chat.

Hotels and Useful Information
Find out where you can stay in Lisbon, near Behaviour. See “Where to Stay”.