The ISO/IEC 27001:2022 Internal Auditor international certification covers the international standard published by the International Organization for Standardization (ISO), which describes how to manage and improve information security, cybersecurity and privacy protection in an enterprise.
Format: the exam includes true/false questions, multiple-choice and single-answer questions, concept-flow completion, etc.
Number of questions: 40
Open book: No
Languages: German, Spanish, English, Portuguese (Brazil)
Minimum passing score: 80%
Duration: 60 minutes
Introduction and Background
- Introduction and Background
- ISMS
- History of the Standard
- ISO/IEC 27001:2022 Structure
- ISO 27000 Family of Standards
Key Concepts
- What is an ISMS?
- Information and General Principles
- Information Security
- The Management System
- Critical Success Factors of an ISMS
- Benefits of the ISMS Family of Standards
Terms and Definitions
- Phase 2. Design and Implementation of an ISMS
- ISMS Design Phases
- Stages of ISMS Implementation
- Structure of ISO/IEC 27001
- Deming PDCA (Plan-Do-Check-Act) and ISMS Cycle
Context of the Organization
- Understanding the Organization and its Context
- Understanding Stakeholder Needs and Expectations
- Organizational Priorities for an ISMS
- Determination of the Scope of the Information Security Management System
- Information Security Management System
Leadership
- Leadership and Commitment
- Policy
- Roles, Responsibilities and Authorities in the Organization
Planning
- Actions to Address Risks and Opportunities
- Risk Treatment Plan
- Structure of the ISO 31000 Risk Management Standard - Guidelines
- Information Security Objectives and Planning for their Achievement
Support
- Resources
- Competence
- Awareness
- Communication
- Documented Information
Operation
- Operational Planning and Control
- Information Security Risk Assessment
- Information Security Risk Treatment
- Risk Assessment and Treatment
Performance Evaluation
- Monitoring, Measurement, Analysis and Evaluation
- Internal Audit
- Management Review
Improvement
- Non-conformity and Corrective Actions
- Continuous Improvement
Module XI: Annex A: Normative
- Annex A: Domains
- Annex A: Clauses, Objectives and Controls
- Organizational Controls
- People Controls
- Physical Controls
- Technological Controls
Those who need to know what ISO 27001 is all about and how to execute and report on an audit in accordance with ISO/IEC 27001:2022.
• Understand the principles, concepts and requirements of ISO/IEC 27001:2022.
• Identify how to develop an ISMS.
• Develop the skills and ability to perform audits.
• Understand Annex A of ISO 27001:2022.
ISO 27001 can be implemented in any type of organization, whether for-profit or not-for-profit, private or government-owned, small or large. It was written by the world's leading experts in the field of information security and provides methodologies for implementing information security management in an organization.