To equip participants with the knowledge and skills needed to assess and report on the
conformance and effective implementation of an Information Security management system in
accordance with ISO 19011.
Describe the responsibilities of an internal auditor and describe the role of internal audit in the
maintenance and improvement of management systems, in accordance with ISO 19011
Risk Management Process
Concepts specific to the cloud environment
Information security risks in cloud services
Fundamentals of ISO/IEC 27017:2015 and its framework
Benefits of implementing ISO/IEC 27017:2015
Relationship between ISO/IEC 27001:2013, ISO 27002: 2013 ( Information Technology- Security
Techniques-Code of Practice for Information Security Controls) and ISO/IEC 27017:2015
Exploring and selecting ISO/IEC 27017:2015 controls relevant to risk assessment as per realistic
situation
Specific guidance for cloud service customers and cloud service providers
