Information Security Management Systems Auditor Conversion Training Course

AccreditationIRCA A17245 
DurationThree Days
Session Dates and Location


Intended ForExperienced management systems auditors who are also information security professionals.
AimTo equip students with the knowledge and skills required to perform audits of information security management systems against ISO 27000:2005.

At the end of the course the students will be able to:

  • explain the purpose of an ISMS.
  • explain the processes involved in establishing, implementing, operating, monitoring, reviewing and improving an ISMS.
  • explain the purpose, content and interrelationship of ISO 27000:2005, BS 7799-2:2002, ISO/IEC 17799 and ISO 19011, ISO/IEC TR 13555 Parts 3 and 4 (GMITS), EA 7/03 and the legislative framework relevant to an ISMS.
  • interpret the requirements of ISO 27000:2005 and EA 7/03 in the context of an ISMS audit.
  • undertake the role of an auditor to plan, conduct, report and follow up an audit in accordance with ISO 19011.
  • have undergone training recognised by the International Register of Certificated Auditors (IRCA) for persons wishing to become an ISMS auditor.
  • The Content of an ISMS Policy based upon ISO 27000:2005
  • Implementation of an ISMS
  • Integration with Other Management Systems
  • Planning Audits
  • Conducting Audits
  • Interview Skills
  • Report Writing
  • Key National ISMS Legislation
  • Identifying and Assessing ISMS Risks
  • Monitoring ISMS Performance
  • Continual Improvement
  • Certification Requirements