HKQAA 香港品質保證局

Prerequisites
Delegates are required to complete the ISO/IEC 27001:2013 Understanding & Application Course or equivalent.
(Delegates are required to submit supporting document(s) as necessary.)

Who should attend

Information Security personnel, managers and staff who are entrusted to implement the changeover
Top management personnel who are driving the Information Security management system
Educators and consultants involve in ISO/IEC Information Security management development

Course objectives

To strengthen the understanding on the Standard of ISO/IEC 27001:2013 information Security Management System,
To understand the importance of internal auditing within a quality system and the responsibilities of internal auditors,
To plan and organize an internal audit within an management system

Course contents

Background and introduction of ISO/IEC 27001:2013
Highlights of ISO/IEC 27001:2013 Requirements
Understanding of “Control Objectives and Controls”
Documentation structure, ISO/IEC 27001 certification infrastructure, internal audit
Audit planning including audit preparation, opening and closing meeting, conduct audit, audit report, audit management
Internal audit results evaluation and reporting

Methodology
Presentation, workgroup discussion and case study

Certificate of attendance
Certificate of Attendance will only be issued to participants who have attended more than 90% of the enrolled course hours

Should you have any questions, please contact Ms. Joanne Chan at 6050 8153 during office hour (9 a.m. to 6 p.m.) on Monday to Friday.

Click here to explore E-learning schedule