The Series of Courses "Information Security Auditor" is the ideal supplement for trained IS Managers. As an auditor, you can conduct all internal audits yourself and optimally prepare a company for external audits by using the methods imparted in the course.
As an IS Auditor, you are the “top instance” for Information Security Management Systems (ISMS) within the company. You will review information security for its conformity to the standard and elaborate opportunities for improvement before the CIS Certificate acc. to ISO/IEC 27001 is granted or prolonged. Internal audits stand the test as powerful tools to sustainably increase profitability and efficiency of the ISMS.
After attending this series of courses, you will be able to plan and conduct both internal and external audits and analyze their results. You will be able to identify any weaknesses and potential for improvement and evaluate them. Furthermore, you will be able to apply the basic rules of communication in theory and practice and to think in systemic contexts.
CIS is accredited for personnel certification by the Austrian Ministry for Economic Affairs. This means the Certificates for Individuals are documents recognized on a national and international scale.
The training for IS Auditors lasts 3 days and is made up of two modules:
Day 1: Audit techniques: Internal audits as a powerful tool for system improvement (ISAT)
Day 2+ 3: Psychological basics: Between auditor and developer. Think systemically, communicate effectively. (ISAP)
Day 3 includes the Information Security Auditor (ISA-P) exam, duration approx. 1 hour.
In order to be allowed to participate, you need a valid Certificate as an IS Manager. Thus a high qualification level of the auditors is guaranteed. The training opens up any kind of job opportunities in a growing market.
Single modules are offered after request
Internal audits as a powerful tool for system improvement
Overview
The content of this Course module is the theory of conducting internal and external audits based on the audit process according to ISO/IEC 19011.
This includes
Based on examples from ISO 27007:2020 we will transition from theory to practice.
Goal of the seminar
Participants will be able to plan and conduct audits, document the results, and evaluate and improve the audit process. Moreover participants know every step of the audit process and can customize these steps according to an organization or ISMS. They know their way around relevant documented information as for example audit programme, audit plan, checklist, audit report. Audits may be conducted and necessary information may be gathered, processed and reported by means of qualified communication techniques.
Duration
1 day
Between examiner and developer; thinking systemically; communicating effectively
Overview
At an audit, auditors have a double challenge. On the one hand, they have to act as expert examiners. On the other hand, they have to act as foresighted development agents, who set important impulses for further development of the ISM System. Auditors are in contact with the top managerial level as well as operational management. Besides expert knowledge, auditors need a high social competence, the capability of thinking in an interlinked manner, identifying cross-departmental system interrelations as well as insights into the basic rules of communication. At this seminar, theory and practice supplement each other harmoniously.
Goal of the seminar
The participants practice thinking in system interrelations, know an auditor’s competences and are in command of the basic rules of communication in theory and practice.
Duration
2 days
Contents of the examination:
The contents of the examination refer to the two CIS Course Modules
Admission to examination
The admission conditions for each examination are stated in the CIS - course content. Registration to an examination will have to be done in writing with CIS, compliance with the admission conditions having to be demonstrated by the person applying for the Certificate. If the person applying for the Certificate has attended the trainings within the qualification programs of CIS, the trainings will be recognized automatically if the applicant was present at least 80% of the period covered by the event. If a person applying for the Certificate wants to have other trainings credited, it is necessary to have the equivalence of these trainings with the certification program stated.
For stating this equivalence, a separate written application will have to be filed. A presentation of the trainings completed and a comparison with the requirements placed by the certification program will have to be enclosed to this application. The respective requirements can be requested from the Certification Body.
For reviewing conformity to the certification program and topicality of the references provided by the person applying for the Certificate, a qualification check will be made. This check is made up of oral technical discussions lasting 30 to 60 minutes and will be carried.
Further admission to examination
Auditor Candidate
Even if no practical experience can be evidenced, participation in the examination is possible. In this case, you will get the status Auditor Candidate until adequate evidence is furnished within 3 years.
Conduct of the examination
The written examination (multiple choice) will take 1 hour.
Certificate
Upon positive completion of the examination, the Certificate “IS Auditor acc. to ISO/IEC 27001” will be issued. If no audit experience is evidenced, “Candidate” will be added.
Period of validity of the Certificate
3 years
Prolongation criteria
The participation fee for the entire Information Security Auditor course series, including examination and certificate, is € 3.290,- (excl. 20 % VAT).
Prices for individual modules on inquiry. Please contact us at trainings@cis-cert.com.
Prerequisite for exam:
Please note that deviations from the new course program may arise in terms of content and participation fees.
You are currently viewing a placeholder content from Facebook. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More InformationYou are currently viewing a placeholder content from Instagram. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More InformationYou are currently viewing a placeholder content from X. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More Information