Course Description

ISO 27001 is the leading international standard for Information Security Management System (ISMS). It describes how to develop and improve the ISMS in an organisation. This course enlightens participants the framework of policies and procedures that comprises of legal, physical and technical controls involved in an organisation’s information risk management processes.

UTAP grant supported, able to claim up to 50% of course fee.

Course Content

  • Define Tools & Techniques used in information Security Management.
  • Understand the importance of asset & owner identification
  • Understand the threats, vulnerabilities and impacts
  • Understand the requirements of ISO 27001(ISMS)
  • Define the audit scope, criteria, frequency, methodologies, responsibilities and requirements
  • Performing an information security internal audit
  • Reporting the audit
  • Corrective action and follow-up

Target Audience

This course is specially designed for:

  • Auditors seeking to perform and lead Information Security Management System (ISMS) certification audits
  • Project Managers or consultants seeking to master an ISMS audit process
  • Quality professionals
  • Technical experts seeking to prepare for an ISMS audit
  • Expert advisors in Information Security Management System
  • Professionals associated with Information Security team such as Chief Security Officers (CSOs), Chief Information Security Officers (CISOs), and Chief Information Officers (CIOs)


At the end of this course, participants will be able to:

  • Review the Audit Requirements of ISO/IEC 27001:2022
  • Learn and Understand the Auditing Principles
  • Learn How to Assess Security Threats and Vulnerabilities
  • Understand Requirements of Security Controls and Countermeasures
  • Understand the Roles and Responsibilities of the Auditor & Lead Auditor
  • Learn How to Plan, Execute, Report, and Follow-up on an ISMS Audit

Course Information

Mode: Virtual Class

Course Duration: 16 hrs [2 days]

Course Fee: S$475

Enquire Now