Although they operate in different sectors, every information they have is valuable. This is why efforts to protect information in organizations. The ISO 27001 Information Security Management System standards have also resulted from this need.
The fields of activity of the organizations may vary, but Information Security Management System's scope will not change. Once the top management of the organization identifies and explains the policy on information security. Then the inventory of information assets is subtracted and classified according to their importance. Personnel safety is ensured in order to prevent the employees from making mistakes and to remove the risk of using the information outside of its purpose.
Physical security must also be provided to prevent attacks on information sources and to reduce the risk of information distortion or alteration. Again, it should be ensured that computer systems are adequate and reliable. Only authorized persons can access the information. It should be possible to intervene in an unexpected and timely manner.
In order to implement the TS ISO / IEC 27001 Information Security Management System standards in various organizations and to ensure the continuity of the application, TURCERT certification bodyIn addition to certification studies, it also provides consultancy and training services. The training subjects of the TURCERT certification body regarding the TS ISO / IEC 27001 Information Security Management System are as follows:
- TS ISO / IEC 27001 Information Security Management System Basic Training
- Information Security Management System Documentation Training
- Information Security Management System Internal Audit Training
- TS ISO / IEC 15504 Software Process Evaluation Training
After establishing the Company's Information Security Management System, it must be checked whether its activities are carried out in accordance with the requirements of this standard. Internal auditors undertake this audit. Information Security Management System Internal Audit TrainingThese are provided for the purpose of training these internal investigators.
The main topics of the Information Security Management System Internal Audit Training given by the TURCERT certification body are:
- Interpretation of TS ISO / IEC 27001 standard items as internal auditor
- Examination types
- The benefits of examination
- Audit management
- Planning the audit
- Preparation of questionnaires
- Finalizing the report and writing a report
- Auditor responsibilities
- Case studies
It is obligatory to continue these trainings in order to obtain the expected benefit from the Information Security Management System Internal Audit Training, which is a two-day training. Persons participating in this training should have received the TS ISO / IEC 27001 Information Security Management System Basic Training. At the end of the training, the certificate of achievement is given to the successful participants and the participant certificate is given to the others.
The instructors of the TURCERT certification body are also experienced and specialized in this area and many examples are shown during these trainings. This is also possible if the company requires training to be provided in their work environment.
Information Security Management System If you want to get more information about Internal Audit Training or if you want to give this training, experienced employees of TURCERT certification body will be with you immediately.