Course Overview
- To equip participants with the knowledge and skills needed to assess and report on the conformance and effective implementation of an Information Security management system in accordance with ISO 19011.
- Describe the responsibilities of an internal auditor and describe the role of internal audit in the maintenance and improvement of management systems, in accordance with ISO 19011
- Risk Management Process
- Concepts specific to the cloud environment
- Information security risks in cloud services
- Fundamentals of ISO/IEC 27017:2015 and its framework
- Benefits of implementing ISO/IEC 27017:2015
- Relationship between ISO/IEC 27001:2013, ISO 27002: 2013 ( Information Technology- Security Techniques-Code of Practice for Information Security Controls) and ISO/IEC 27017:2015
- Exploring and selecting ISO/IEC 27017:2015 controls relevant to risk assessment as per realistic situation
- Specific guidance for cloud service customers and cloud service providers