For more information about CSM-ACE 2022, please contact: 
  • secretariat@csm-ace.my
  • +603 8800 7999

Certified Information Security Management System Auditor (CISMSA)

Date: 5-7 Dec 2022
Time: 9:00 am - 5:00 pm
Venue: Physical, Menara Cyber Axis, Cyberjaya
Fee:

Training: RM3,780 (Fees exclude 6% SST)

Not inclusive of Exam Fee @ RM1,200


 

This course explores the objectives of an ISMS audit and explains the roles and responsibilities of an auditor in ensuring the effectiveness of controls and the improvement of the management system in ISO/IEC 27001:2013.

This course is designed to develop the practical skills and knowledge needed to conduct audits and improve the implementation of an information management system in accordance with ISO/IEC 27001:2013.

  1. Information Security practitioners
  2. Auditors of any discipline
  3. ISMS Developers and Management

Module 1: Introduction

  1. Audit Origins
  2. ISO/IEC 27001:2013 – 9.2: Internal Audit

Module 2: Control Objectives & Control

Group Activity 1: Control Objectives & Control

  1. Assignment
  2. In-group discussion
  3. Group presentations

Module 3: Audit Cycle

  1. Plan
  2. Execute
  3. Report
  4. Follow-up

Module 4: Audit Cycle (Plan)

  1. ISMS Audit Programme
  2. ISMS Audit Parameters
  3. Resources
  4. Audit Plan

Group Activity 2: Audit Plan

  1. Assignment
  2. In-group discussion
  3. Group presentations

Module 5: Audit Cycle: Execute

  1. Opening Meeting
  2. Conduct the Audit
  3. Audit Findings
  4. Closing Meetings

Group Activity 3 (a): Nonconformity Statement

  1. Assignment
  2. In-group discussions
  3. Group presentations
  4. Closing Meetings

Group Activity 3 (b): Conduct the Audit Role-play

  1. Assignment
  2. In-group discussions
  3. Group presentations

Module 6: Audit Cycle: Follow-up

  1. Conducting Audit Follow-up

Module 7: ISMS Certification

  1. Certification Process
  2. Engagement with Certification Body
  3. Preparation for Certification Audit
    • 'To Do' Lists