Auditing Information Security Management Systems II
This competency equips participants with auditing skills for management systems, covering principles, procedures, techniques, audit phases, and effective reporting.
5 Trainers
About
Course Overview:
This advanced auditing course dives deep into ISO/IEC 27001 Annex A controls, focusing on implementation and verification of access controls, physical safeguards, asset protection, and cryptography. It prepares learners to conduct thorough audits in high-risk domains and ensure security alignment.
What You'll Learn:
How to audit asset management and access control measures
Best practices in auditing physical and environmental security
Evaluation of cryptographic controls and secure data handling
Strategies to ensure ISO/IEC 27001 Annex A compliance
Techniques to create and apply detailed audit test plans
Who Should Take This Course?
This course is perfect for:
Information security auditors and consultants
Risk and compliance professionals working with ISO standards
IT and security governance leaders
Cybersecurity managers in regulated industries
Internal audit teams focused on information assurance
What You'll Get:
A certification of completion
Advanced auditing expertise aligned with ISO/IEC 27001
Practical audit plans and implementation strategies
Deep insight into critical Annex A controls
Real-world knowledge to support security and compliance
Module 1
Auditing ISO/IEC 27001, Annex A Controls 8.3 to 8.6
Auditing Control 8.3 (14 mins)
Auditing Control 8.4 (14 mins)
Auditing Control 8.5 (16 mins)
Auditing Control 8.6 (16 mins)
Practice Quiz
Module 2
Auditing ISO/IEC 27001, Annex A Controls 8.7 to 8.10
Auditing Control 8.7 (15 mins)
Auditing Control 8.8 (17 mins)
Auditing Control 8.9 (16 mins)
Auditing Control 8.10 (16 mins)
Practice Quiz
Module 3
Auditing ISO/IEC 27001, Annex A Controls II
Auditing Control 8.11 (15 mins)
Auditing Control 8.12 (Part I) (14 mins)
Auditing Control 8.12 (Part II) (16 mins)
Auditing Control 8.13 (15 mins)
Practice Quiz
Module 4
Auditing ISO/IEC 27001, Annex A Controls 8.14 to 8.18
Languages Available: Spanish, English, German, French
Exam
Certificate upon completion of the course
Tags
ISO/IEC 27001 Annex A
Information Security Controls
Management Systems Auditing
Information Security
Information Security Management
Information Security Auditing
Auditing Controls
About the Trainer
Graeme Parker
Cybersecurity and Information Security Expert
Meet Graeme Parker, a Security, Technology, Risk, and Compliance professional with vast experience in high-profile private and public sector roles. He excels in implementing information risk management solutions and developing security architectures and programs. He has led projects for standards like ISO/IEC 27001, PCI-DSS, and HMG Accreditation, conducted risk assessments, led security initiatives, and managed due diligence for outsourcing contracts. His experience spans financial services, government, manufacturing, healthcare, and retail. He is also a certified trainer with PECB, delivering courses globally on ISO/IEC 27001, ISO 22301, ISO/IEC 42001, CISSP, CISM, and CISA exam prep. He has international experience in the UK, USA, Canada, Sweden, Ireland, Germany, and more, and thrives in dynamic environments, advancing cybersecurity practices globally.