ISO 27001 is one of the most popular information security standards in the world, with the number of certifications growing every year. The standard provides a framework for the management of information security risks and enables organizations to take into account their legal and regulatory requirements. This can help to reduce likelihood of facing prosecution and fines while also gain status as preferred supplier.
ISO 27701 is a newly published ISO standard from August 2019 and is a privacy extension to ISO/IEC 27001. It is a jurisdiction neutral framework in terms of its controls which may be used to comply with multiple privacy regimes. The ISO 27701 standard defines controls for controllers and processors, Further, a mapping of the 27701 controls to the GDPR articles is also included in the standard.
Our ISO 27001/ ISO 27701 Internal Auditor and Lead Implementer Training is designed to enhance your knowledge on how to implement and audit a compliance program with focus on Information Security/ Privacy Management System, using EY’s industry and solution knowledge as well as practical examples.
Through a combination of tutorials, group exercises and role-playing, you will learn everything you need to know about how to be an internal auditor and implementer of Information Security/ Privacy Management Systems.
Key objectives of the training:
- Understand how to identify and address the risks associated with your organization
- Understand how to effectively design and implement information security/ privacy policies and processes
- Learn to plan and execute an audit to verify conformity with the ISO/IEC 27001:2022 or ISO/IEC 27701:2019 standard
- Develop internal auditing skills and boost information security/ privacy management knowledge
The participants will get the opportunity to develop skills in the following:
- Gaining essential knowledge about auditing according to ISO/IEC 27001:2022 or ISO/IEC 27701:2019
- Identifying risks and focus areas for the information security/ privacy management system
- Practical insights on how to audit specific ISO/IEC 27001:2022 or ISO/IEC 27701:2019 requirements
- Gaining skills to help improve auditing capabilities
- Practicing end-to-end audit execution including preparation, planning, identification of nonconformities, reporting and review of corrective actions
- Becoming a certified Internal Auditor and Lead Implementer for Information Security/ Privacy Management System
Why EY CertifyPoint?
- EY CertifyPoint is one of the global market leaders for ISO certifications. We are known for a smart approach as well as efficient audit techniques minimizing the efforts of our clients.
- We have developed a strong global practice and obtained expertise knowledge in the area of Information Security/ Privacy as well as the ISO/IEC 27001:2022 and ISO/IEC 27701:2019 standards.
- The training will be held by professionals with practical experience in implementing and auditing organizational Information Security/ Privacy Management Systems according to the ISO standards.
- EY CertifyPoint provides a focused Information Security/ Privacy Management System training for a deep understanding of the ISO/IEC 27001:2022 and ISO/IEC 27701:2019 standards.