ISO/IEC 27001:2013 Information Security

40 Hrs / 35 PDU'S

ISO/IEC 27001 is an international standard that provides the basis for effective management of confidential and sensitive information, and for the application of information security controls.It enables organizations to demonstrate excellence and prove best practice in Information Security management. Conformance with the standard requires commitment to continually improve control of confidential and sensitive information, providing reassurance to sponsors, shareholders and customers alike.

Re-released in 2013, ISO/IEC 27001 builds upon established foundations as the most widely recognized international standard specifically aimed at information security management. The adoption of an Information Security Management System (ISMS) is a strategic decision driving the coordination of operational security controls across all of the organization’s electronic and physical information resources.The standard can be integrated with other management system framework standards, such as the quality standard ISO 9001 and ISO/IEC 20000 for IT service management.ISO/IEC 27001 provides a model to establish, implement, maintain and continually improve a risk-managed ISMS. The design and implementation of the management system is tailored to the organization’s objectives, information assets, operational processes and governing legal and regulatory security requirements.


To give a basic understanding of:
  • The purpose of ISMS and the processes involved in establishing, implementing, operating, monitoring, reviewing and improving an ISMS as defined in ISO 27001, including the significance of these for ISMS auditors
  • The purpose, content and interrelationship of ISO 27001:2013, the international standard ISO 17799:2005 and ISO/IEC 13335 Parts 1 & 2 (MICTS) and ISO/IEC TR 18044:2004, EA 7/03 and the legislative framework relative to an ISMS
  • The role of an auditor to plan, conduct, and follow up an ISMS audit in accordance with ISO 19011 and the guidance criteria contained in EA 7/03

Who should attend?

This is intended for those who will be involved in conducting internal audits of an ISMS that conforms to ISO/IEC 27001:2013 in an organization.
Suggested job roles and their teams include:
  • Information security managers
  • IT and corporate security managers
  • Corporate governance managers
  • Risk and compliance managers
  • Information security consultants

Eligibility Criteria

You should already have knowledge how ISO/IEC 27001:2013 works (for delegates who do not have this, we recommend attending our one day requirements course)

Exam Details

We will take the responsibility to register you for IRCA Approved ISO/IEC examination.
At the end of the 5 day ISO/IEC  Lead Auditor Course you will take a 2 Hours exam

Course Contents

Based on the principles of confidentiality, integrity and availability, the ISO 27001 covers:
  • Information security policies
  • Organisation of information security
  • Human resources security
  • Asset management
  • Access control
  • Cryptography
  • Physical and environmental security
  • Operations security
  • Communications security
  • System acquisition, development and maintenance
  • Supplier relationships
  • Information security incident management
  • Information security aspects of business continuity management
  • Compliance

Course Enquiry

Our Value Added Services

  • A copy of the standard ISO /IEO 27001:2013 Course Materials
  • Detailed course notes
  • IRCA certified training course certificate
  • You will gain 40 CPD points on completing the course
  • Free Retrain for No-Pass Students

We are Approved by