
Training effectiveness is the most important outcome of a training program

February 26, 2021

Information Security Lead Auditor Course

5-Day ISO/IEC 27001 ISMS Auditor/Lead Auditor course (IRCA - A17321)

[Course code: ISLA]

Executive Summary
According to the Information Systems Security Certification Consortium 2005 Global Information Security Workforce Study, the majority of corporations are spending their time and money on researching and implementing new technologies. But in reality, information security professionals know that information security is not a technology issue – it’s a people issue[1].

It is important to change this thinking and recognize that there is every opportunity to treat information security as a strategic tool for competitive advantage, increased shareholder value and better management of resources. Such a change does not require new technical know-how or security solutions, but rather a new way of assessing them.

Attend our highly rated IRCA[2] Registered ISMS Lead Auditor training course to acquire the knowledge and skills required to assess the conformance of an organisation’s ISMS to ISO/IEC 27001. In addition, you will gain an understanding of how to associate the ISMS elements with the key to a successful business.

[1] 2007, Colley, J. http://www.out-law.com/page-7614

[2] International Register of Certificated Auditors

Course Description

This 5-day Information Security Management System (ISMS) Lead Auditor training course provides information security professionals with the knowledge and skills required to assess the conformance of an organization's information security management system to ISO/IEC 27001:2013.

This course is accredited by the International Register of Certified Auditors (IRCA), with the instruction, course content, course duration, examination and administration regulated by IRCA. Delegates should note that evening work is required during the course and that there will be a two-and-a-half-hour examination on the final day of the course.

Key Benefits
This course is specially created to help delegates understand the philosophy and motivation of the ISMS programme, and to provide an impartial view of the ISMS standards and requirements. To ensure effective learning, Maximus deploys some of the most advanced adult learning techniques, including:
  • having pre-class reading material to gain an initial understanding, in-class sessions to provide an in-depth explanation with hands-on techniques and categorization of information, and post-class learning reinforcement.

  • having the material geared towards audit preparation, verification techniques and audit follow-up, with information security risk management as the focus.

  • having 14 competency exercises and 8 competency tests – competency exercises allow delegates to gain confidence in performing a task, while competency tests, which combine the skills learnt from the competency exercises, allow delegates to validate the skills learnt from the training.

Upon successful completion, you will:

  • Be equipped with the knowledge and skills required to perform audits of Information Security Management Systems (ISMS) against the ISMS standards.
  • Satisfy the training requirements for initial certification as an IRCA ISMS auditor.
  • Increase your credibility through gaining international recognition.
  • Improve your resume and help to increase earning potential.
Course Content
This classroom-based training is designed with a combination of tutorials, workshop exercises, competency tests, case studies and role-play. The topics include:

  • ISO/IEC 27001 ISMS Overview

  • Understanding ISO/IEC 27001 Fundamentals

  • Interpreting ISO/IEC 27001 ISMS Requirements

  • ISO 19011 and ISO/IEC 17021 Audit Programme Overview

  • Understanding the Audit Process

  • Initiating and Preparing an Audit from ISMS Programme Perspective

  • Conducting an Audit from ISMS Programme Perspective

  • Reporting, Completing and Following Up an Audit

Who should attend?

  • Audit Programme Coordinators who wish to set up an audit programme within their organization as recommended by ISO 19011.
  • Senior and Middle Managers who wish to better understand the philosophy and the requirements of Information Security Management Systems (ISMS), and to strategize the implementation.
  • Managers and Professional Engineers who need to understand the implementation requirements of an ISMS programme and be equipped with the ability to select credible consultants.
  • Existing auditors who wish to expand their auditing skills into the field of ISMS.
  • Professionals who wish to provide advisory services on ISO 27001 ISMS certification expectations.

Course Pre-requisite

Before attending this course, delegates are expected to have the following prior knowledge:

1. Management systems

Prior understanding of the Plan-Do-Check-Act (PDCA) cycle

2. Information security management

Knowledge of the following information security management principles and concepts:

• Assignment of responsibility for information security;
• Incorporating management commitment and the interests of stakeholders;
• Enhancing societal values;
• Using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk;
• Incorporating security as an essential element of information networks and systems;
• Active prevention and detection of information security incidents;
• Comprehensive approach to information security management;
• Continual reassessment of information security and making of modifications as appropriate

3. ISO/IEC 27001
Knowledge of the requirements of ISO/IEC 27001 (with ISO/IEC 27002) and the commonly used information security management terms and definitions, as given in ISO/IEC 27000, which may be gained by completing an IRCA certified ISMS Foundation Training course or equivalent.

Course Award

IRCA certification will be issued to participants who pass the continuous assessment and the IRCA examination conducted on the final day of the course. Terms and conditions apply.

Course Leader

Mr You Cheng Hwee, MSc (Research in Computer Security), BCS Registered Security Specialist, and IRCA Certified ISMS Principal Auditor, has been a security practitioner for more than 17 years and is the founder and the Director of Consulting Services of Maximus Consulting, a pioneer and leading company specializing in ISO/IEC 27001 Information Security Management System (ISMS) consultancy and training services.

He has extensive experience in ISMS training and consultancy for clients in Government Agencies and all other industrial sectors, ranging from Finance, Telecommunications, Manufacturing, Automotive, Energy and Information Technology to Food and Beverages, Education and Electronics. He has consulted for various Global 2000 companies on ISMS, including the world's largest financial news agency, the world's largest automotive company, the world's second largest IT outsourcing provider and the region's largest telecommunication provider, to name a few, and his experience spans 10 countries over 4 continents. With his in-depth knowledge of information security, Mr You also patented a revolutionary risk assessment methodology that has been accepted and globally adopted in some of the Global 2000 companies.

Course Fee

S$2,800 per delegate (including training materials and exam fees)
S$2,200 per delegate (Virtual Training) (including training materials and exam fees)
Prices for other countries will be quoted upon request.

Up to 90% of the nett payable course and examination fees are supported by CITREP+. Terms and Conditions apply.

Note: Group packages and customised training available upon request.

For enquiry, please contact the training manager or email training@i-mxms.com for more information.

Singapore +65 6715 8467
Malaysia +60 12-283 8649
Thailand +66 (0) 2634 3589
Philippines +65 9727 2439
ASIA +65 9727 2439
USA +65 9727 2439
EUROPE +65 9727 2439

Available Public Run Dates for this course

20 - 26 Apr 2021 Singapore
19 - 25 May 2021 Thailand
15 - 21 Jun 2021
01 - 07 Sep 2021 Thailand
13 - 17 Dec 2021 Thailand



Please contact us for in-house training if there are more than 7 participants.

Copyright 2019 Maximus Consulting Pte Ltd