Provided by: Sridhar's Quality Academy
Internal Auditor - ISO 27001
DAY - 1
Introduction
- What are internal audits?
- Why do we need them?
- PDCA of IA
- Intro to ISO27001
- Formation of audit teams, identifying the auditors and auditees for live audits
How to do process validation?
- Verification and validation?
- Effectiveness and efficiency?
- Process objectives?
Mandatory clauses
- What are these clauses?
- How to audit them?
- Teams prepare checklists which will be used for their audits
- Focus on PDCA
- Process-wise objectives
- Process-wise validations
- Revisit the checklists
Planning the audit
- How to plan Internal Audit?
- Team allocation
- Coverage of processes
- Prepare an audit plan
Doing the audit/ Checking the audit/ RCA & CAPA
- Qualities of a good auditor
- Qualities of a bad auditor
- Time management
- Process coverage
- Verifying audit results
- Audit reporting
- NC writing
- Root cause analysis
Closing for the day
- Q&A
- Queries
DAY - 2
Security of the Organization/ Personnel security
- Detailed discussion on each control covering PDCA, ownership and metrics
- Org level controls
- Secure HR practices
Physical and environmental security
- Physical entry controls
- Maintenance
- Material movement
Communications and operations security
- Anti-virus
- Backup
- Operational procedures, etc.
Access control
- User related controls
- Password policy and Management
- Network controls
System Development & Maintenance
- Mapping the existing SDLC processes to controls
Incident management/ BCP/ Compliance
- Reporting and reacting to incidents, SLAs
- BCP framework
- How to validate BCP?
- Identification of compliance needs and meeting them
Conclusion
- Feedback
- Q&A
- Closure
About The Training Provider: Sridhar's Quality Academy
Headed by Mr Sridhar Chakravarthi, an IAF Officer and Lead Auditor Trainer for ISO 9001/ BS 7799 (ISO 27001)/ BS 15000 (ISO 20000), STRATEGIQA (formerly Sridhar's Quality Academy, SQA) is striving to achieve a landmark in training people in various Process Improvement Systems that will keep an organization at its best.
Sridhar has worked with organizations like KPMG and has helped...

