Please use the links above to find what you were looking for.
You may not have been able to visit your page because of:
1. An out-of-date bookmark/favourite
2. A search engine that has an out-of-date listing
3. A mistyped address
4. You have no access to this page
5. The requested resource was not found.
6. An error has occurred while processing your request.
This pocket guide will help you to:
Steve G. Watkins managed the world’s first successful BS7799 (the forerunner of ISO27001) implementation project and leads the consultancy and training services of IT Governance Ltd. He is Chair of the ISO/IEC 27001 User Group, the UK Chapter of the ISMS International User Group, and an ISMS Technical Assessor for UKAS, advising on their assessments of certification bodies offering accredited certification. He has over 20 years’ experience managing integrated management systems, including maintenance of Information Security, Quality, Environmental and Investor in People certifications. His experience includes senior management positions in both the public and private sectors.
The activities of the cyber criminal are both deliberate and hostile, and they can be compared to military operations.
Many people in business understand that the insights from the classics of military strategy are as relevant to modern commerce as they are to war.
It is clear that organizations need to develop a view of cybersecurity that goes beyond technology: all staff in the organization have a role to play, and it is the senior managers who must ensure, like generals marshaling their forces, that all staff know the cybersecurity policies that explain what to do when under attack.
With this in mind, the authors have drawn on the work of Clausewitz and Sun Tzu and applied it to the understanding of information security that they have built up through their extensive experience in the field. The result is expert guidance on information security, underpinned by a profound understanding of human conflict.
Building on the success of the first edition, this new edition covers the most recent developments in the threat landscape and the best-practice advice available in the latest version of ISO 27001:2103.
Dr. Andrew Vladimirov is a security researcher. His fields of expertise include network security and applied cryptography, and he has extensive experience of performing information security assessments. He and his fellow authors are the founders of Arhont Ltd, a leading information security consultancy.
Konstantin Gavrilenko has over 15 years of experience in IT and security. As a researcher, information security is his specialty, and he has a particular interest in wireless security. He holds a BSc in management science from De Montfort University and an MSc in management from Lancaster University.
Andriej Michajlowski is an expert on network security. His research interests include user and device authentication mechanisms and wireless networking security. He has extensive experience carrying out internal and external information security assessments. He is a graduate of the University of Kent at Canterbury and he holds an MBA.
"… I recommend this pocket guide to anyone implementing ISO27001, and indeed to anyone who is concerned about the risks of security breaches, and who wants to know how best to prepare their organization for the unpleasant events that are bound to happen from time to time…”
- Willi Kraml, Global Information Security Officer
"… Michael Krausz has created a valuable tool … Written in plain English, this handbook is easy to follow even by a novice in the Information Technology Field. Therefore "Information Security Breaches" is a must within the 'tool box' of anyone who deals with IT issues on an every-day basis…”
- Werner Preining, Interpool Security Ltd
Michael Krausz is an IT expert and experienced professional investigator. He has investigated over a hundred cases of information security breaches. Many of these cases have concerned forms of white-collar crime. He studied physics, computer science, and law at the University of Technology in Vienna, and at Vienna and Webster Universities. He has delivered over 5000 hours of professional and academic training and has provided services in eleven countries to date.
The BS 10012:2017 +A1 2018 specification provides a framework to manage the risks to the privacy of personal data and implement the necessary policies, procedures and controls to help ensure compliance with the GDPR. It is designed to follow the plan-do-check-act cycle (PDCA) to ensure continual improvement.
This self-paced modular course teaches you the skills to plan and execute an audit of an ISMS that conforms to ISO 27001:2022. It also prepares you to pass the ISO 27001:2022 Certified ISMS Lead Auditor (CIS LA) exam on the first attempt.
You will learn:
Please note that this course is part of the Lead Auditor modular training scheme, and you must have previously taken the Core Audit Skills Self-Paced Online Training Course.
The Lead Auditor modular training program teaches the skills required to conduct external and supplier audits against standards that include ISO 27001, ISO 22301, ISO 9001, and ISO 14001.
Take our Core Audit Skills module to gain knowledge of the generic auditing process as defined by ISO 19011 and ISO 17021. Build on the basics and choose the specific standard Lead Auditor module of your choice.
The Core Audit Skills Self-Paced module is currently available as part of the Certified ISO 22301 BCMS Lead Auditor Self-Paced Online Training Course.
If you only wish to focus on ISO 27001 lead auditing, please purchase the Certified ISO 27001:2022 ISMS Lead Auditor Self-Paced Online Training Course.
Designed by the team that led the world’s first successful ISO 27001 implementation project.
Taught by an ISO 27001 consultant with extensive experience auditing management systems and helping organizations prepare for an ISO 27001 audit.
Aligned with the best-practice ISO 19011:2018 (Guidelines for auditing management systems) audit methodology.
Learn at a time, place, and pace that suit you.
Pre-recorded online course and learner guide enabling you to learn in easy, manageable, bite-sized chunks.
Comes with a learner guide to read alongside the video modules.
This course is aimed at people who want a globally recognized ISO 27001 lead auditor qualification to further their careers. It is also designed for managers responsible for implementing and maintaining an ISO 27001-compliant ISMS, such as:
Find out how the Certified ISO 27001:2022 ISMS Lead Auditor Module Self-Paced Online Training Course will help you enhance your knowledge and career.
This course is an essential component of the following learning paths:
We are the global specialists – As global specialists in information security, cybersecurity, and privacy, we pride ourselves on being market leaders and keeping one step ahead. Our expert instructors use their working knowledge to bring the course content to life, while covering all the essential and technical content.
Built and delivered by experts – Our courses are built and delivered by subject-matter experts and innovative instructional design specialists with years of practical, hands-on experience.
Learn your way – We have the training methods and solutions to suit your business or personal learning style. We offer instructor-led (classroom, Live Online, or hybrid), blended, self-paced, elearning, in-house, and custom training options.
Our service levels are exemplary – From the sales team that pays close attention to your development needs, to the operations team that makes things tick like a Swiss watch, to the energy and skill of the instructors. We are all passionate about what we do and want to ensure you get the best training experience possible.
Pass the first time or train again for free – We have trained more than 28,000 people and we’re confident you’ll pass with us first time. If you don’t, we’ll train you again for free.*
* T&Cs apply.
Please note that this course can be purchased with or without the exam as required.
You will need a laptop for the duration of your course and exam.
This course is part of the Lead Auditor modular training scheme, and all learners must have previously taken the Core Audit Skills Self-Paced Online Training Course.
The Core Audit Skills Self-Paced Online module is currently available as part of the Certified ISO 22301 BCMS Lead Auditor Self-Paced Online Training Course.
Learners should also have a good knowledge of ISO 27001. This could be obtained through practical experience, reading, or taking the Certified ISO 27001:2022 ISMS Foundation Self-Paced Online Training Course or Certified ISO 27001:2022 ISMS Lead Implementer Self-Paced Online Training Course.
Participants will need to have their own copies of the ISO/IEC 27001:2022 and ISO/IEC 27002:2022 standards for use during the course.
We strongly recommend purchasing and reading the Standards before attending the course:
We also recommend purchasing and reading the following textbook:
If purchased, candidates take the ISO 27001:2022 Certified ISMS Lead Auditor (CIS LA) exam set by IBITGQ.
This course is equivalent to:
21
CPD points
Successfully completing the course and exam awards the ISO 27001:2022 Certified ISMS Lead Auditor (CIS LA) qualification.
This course holds accreditation from IBITGQ (International Board for IT Governance Qualifications) and CIISec (The Chartered Institute of Information Security), satisfying CIISec Knowledge Areas requirements at Level 1: A1, A3, A7, C1, C2, D2, E3, F2, H1 and H2; and at Level 1+: A2, A4, A5, A6, B1, B2, D1, E1, E2, F1 and G1.
As a premier personnel certification body, IBITGQ specialises in certifying individuals who demonstrate exceptional proficiency in IT governance practices.
IBITGQ maintains accreditation to the ISO/IEC 17024:2012 standard, a globally recognised benchmark for conformity assessment. Accreditation by the International Accreditation Service (IAS) further underscores the course's commitment to meeting stringent certification requirements.
ISO 17024 certification is esteemed within the industry and universally acknowledged by employers worldwide. By aligning with this standard, our course ensures that your qualifications are not only recognised but also highly valued by employers across diverse sectors.
Upon successful completion of the course, you have the opportunity to validate your professional expertise by registering your qualification on the esteemed IBITGQ/GASQ successful candidate register. This platform serves as a testament to your commitment to excellence in IT governance, setting you apart as a distinguished professional in the field.
Yes, if you are unsuccessful on the first attempt, you can retake the exam for an additional fee. You can email us to schedule the retest.
To support your continued professional development, it is essential that you maintain an adequate level of current knowledge associated with an ISO 27001 Lead Auditor. To demonstrate this competency to employers and other key stakeholders, you must recertify your IBITGQ qualification at regular intervals.
Individuals awarded the ISO 27001:2022 Certified ISMS Lead Auditor (CIS LA) qualification are required to recertify after three years.
Candidates can undertake a recertification exam any time from one month before or two months after the expiry date (months 35–38) of their certificate. Please see IBITGQ Exams for further details. After this period, candidates can take the standard ISO 27001:2022 Certified ISMS Lead Auditor (CIS LA) exam at any convenient time.
After you have completed your order, you will receive a sales receipt and a “Thank you for your order” confirmation email. This email will ask you to provide essential participant information and gives instructions on how to access your course. If you don’t receive this email, please check your junk folder.
You must provide the requested participant information, including a valid email address. This applies whether you have made the booking for yourself or on behalf of someone.
Please check this information is correct before submitting, as you are unable to change the participant’s email address once it has been added to our system.
If you are a new customer, you will receive an email from noreply@grcelearning.com with instructions on how to access the LMS. If you or other participants do not receive this email, please check your junk folders.
If you have accessed the LMS previously, please log in using your credentials. You can access the LMS at any time from your My Account page.
Once you have logged in to the LMS, you can download the course material immediately.
Important information: Please read our examination guide before scheduling your exam.
All exams are delivered online using an automated proctor system managed by GASQ on behalf of IBITGQ.
When you’re ready to take your exam, please log in to your My Account page, scroll down to the ‘Self-paced online training courses’ section, and click the ‘Course completed’ button. A member of our team will be in touch to provide details of your exam booking procedure.
Exam candidates are required to have:
You are required to book your exam online at least 96 hours before the exam date.
Please be aware that you can reschedule your exam once (if needed) at least 48 hours before your booked exam date for no additional charge.