Information Security Management System (ISO 27001) Audit

ISMSA Course Introduction

For an organization that has information security management or an information security management system (ISMS) in place, auditing is a vital process to ensure its effectiveness and efficiency. In this 3-day course, attendees will gain essential knowledge and practice benchmarking their information security management program or ISMS against internationally accepted standards and guidelines. The course covers not only compliance with ISO standards but also practical recommendations for valuable improvement.

ISMSA Course Objectives

  • To understand the principles of information security management
  • To understand the ISO/IEC 27001:2013 requirements
  • To understand a practical approach to auditing
  • To understand the ISO 19011:2011 and ISO/IEC 27008:2011 guidelines

Target Group

  • Security Consultant
  • IT Auditor

Course Outline of ISMSA

Day 1
    – Fundamental Principles of Information Security
    – International Standards and Leading Practices
    – Principles of Auditing
    – Managing an Audit Program
    – Performing an Audit
    – Information Security Control Review

Day 2
    – Audit (4) Context of the Organization
    – Audit (5) Leadership
    – Audit (6) Planning
    – Audit (7) Support
    – Audit (8) Operation
    – Audit (9) Performance Evaluation
    – Audit (10) Improvement

Day 3
    – Audit (A.5) Information Security Policies, (A.10) Cryptography
    – Audit (A.6) Organization of Information Security, (A.18) Compliance
    – Audit (A.7) Human Resource Security, (A.8) Asset Management
    – Audit (A.9) Access Control
    – Audit (A.12) Operations Security, (A.13) Communications Security
    – Audit (A.16) Information Security Incident Management
    – Audit (A.15) Supplier Relationships
    – Audit (A.11) Physical and Environmental Security
    – Audit (A.17) Information Security Aspects of Business Continuity Management
    – Audit (A.14) System Acquisition, Development and Maintenance

18-20 September 2019

Course Level



3 Days

Tuition Fee

21,000.00 THB


A. Choonhaphan Lerlertpakdee
CISA, CISM, CGEIT, CRISC, CIPT, MBCI, ITIL Expert, PMP, BCMS (ISO 22301) Provisional Auditor, ISMS (ISO 27001) Provisional Auditor, ITSMS (ISO 20000) Provisional Auditor