Competency

Auditing Information Security Management Systems III

Gain a practical understanding of auditing ISO/IEC 27001 Annex A controls, with emphasis on supplier relationships, human resource security, and organizational security. This competency equips professionals with techniques for auditing advanced security controls and ensures alignment with the ISO/IEC 27001 framework.

5 Trainers

About

Course Overview:

This competency explores the in-depth audit process for ISO/IEC 27001 Annex A controls related to supplier relationships, HR security, and organizational safeguards. Participants will gain insights into audit techniques, test planning, and compliance evaluations to enhance organizational security posture.

What You'll Learn:

  • How to audit ISO/IEC 27001 Annex A controls 8.19 to 8.33
  • Best practices for software installation audits
  • Assessment of supplier and HR-related controls
  • Techniques for auditing organizational security measures
  • Developing audit test plans and ensuring compliance

Who Should Take This Course?

This course is perfect for:

  • Information Security Auditors and Consultants
  • Cybersecurity Professionals focused on compliance
  • IT Governance and Risk Managers
  • CISOs and security leaders
  • Professionals preparing for ISO/IEC 27001 audit roles

What You'll Get:

  • A certification of completion
  • Expertise in auditing complex ISO/IEC 27001 controls
  • Global auditing methodologies and test plan templates
  • Access to case-based audit scenarios
  • Instruction from a globally experienced security expert

Module 1

Auditing ISO/IEC 27001, Annex A Controls 8.19 to 8.22

  • Auditing Control 8.19 – 15 mins
  • Auditing Control 8.20 – 15 mins
  • Auditing Control 8.21 – 16 mins
  • Auditing Control 8.22 – 13 mins
  • Practice Quiz

Module 2

Auditing ISO/IEC 27001, Annex A Controls 8.23 to 8.25

  • Auditing Control 8.23 – 16 mins
  • Auditing Control 8.24 (Part I) – 15 mins
  • Auditing Control 8.24 (Part II) – 15 mins
  • Auditing Control 8.25 – 15 mins
  • Practice Quiz

Module 3

Auditing ISO/IEC 27001, Annex A Controls 8.26 to 8.29

  • Auditing Control 8.26 – 15 mins
  • Auditing Control 8.27 – 15 mins
  • Auditing Control 8.28 – 17 mins
  • Auditing Control 8.29 – 16 mins
  • Practice Quiz

Module 4

Auditing ISO/IEC 27001, Annex A Controls 8.30 to 8.33

  • Auditing Control 8.30 – 14 mins
  • Auditing Control 8.31 – 14 mins
  • Auditing Control 8.32 – 15 mins
  • Auditing Control 8.33 – 14 mins
  • Practice Quiz

Specialization · 4 modules

4 Modules

100% Positive Reviews (24 reviews)

104 Lessons (4h 15m)

3,011 Students

Languages Available: Spanish, English, German, French

Exam

Certificate upon completion of the course

Tags

ISO/IEC 27001 Annex A

Information Security Controls

Auditing

Information Security

Management Systems Auditing

Information Security Management

ISO/IEC 27001

About the Trainer

Graeme Parker

Cybersecurity and Information Security Expert

Meet Graeme Parker, a Security, Technology, Risk, and Compliance professional with vast experience in high-profile private and public sector roles. Graeme excels in implementing information risk management solutions and developing security architectures and programs. Graeme has led projects for standards like ISO/IEC 27001, PCI-DSS, and HMG Accreditation. Graeme has conducted risk assessments, led security initiatives, and managed due diligence for outsourcing contracts. His experience spans financial services, government, manufacturing, healthcare, and retail. Graeme is also a certified trainer with PECB, delivering courses globally on ISO/IEC 27001, ISO 22301, ISO/IEC 42001, CISSP, CISM, and CISA exam prep. Graeme has international experience in the UK, USA, Canada, Sweden, Ireland, Germany, and more. Graeme thrives in dynamic environments, advancing cybersecurity practices globally.

© PECB Skills 2025. All rights reserved.
