HSC   Text mode: access to the page content
Hervé Schauer Consultants
You are here: Home > Training courses > ISO 27001 Lead Auditor
Go to: HSC main site
Download the training catalog
Search:  
Version française
   Training courses   
o Planning
o Organismes de certifications
o Labels des formations
o Certifications et qualifications d'HSC
o Formations universitaires
   E-learning   
o E-learning HSC
o ISO 27001
o PHP security
   Contacts   
o How to reach us
o Specific inquiries
o Directions to our office
o Hotels near our office
   HSC est certifié OPQF   
logo OPQF
|>|ISO 27001 Lead Auditor  
Training courses
See also...
o Organization of the courses
o Training sessions planning
o General presentation of our ISO 27001 services
o ISO 27001 Lead Implementer
o Certification by LSTI
o Goals
o International recognition
o Duration
o Instructor(s)
o Pre-requisite for attendants
o Teaching method
o Related courses
o Material
o Agenda
o Methods of inscription
o Examen

Dates of the coming sessions:
> 28 November - 02 December 2016 (Paris)
> 20-24 February 2017 (Paris)
> 19-23 June 2017 (Paris)
> 25-29 September 2017 (Paris)
> 27 November - 01 December 2017 (Paris)
Dates subject to modification without prior notice. The sessions will only take place if the number of registered attendants is high enough.


Goals

ISO 27001 Lead Auditor courses (ISMS Lead Auditor) allows you to become auditor or person in charge of audit (Lead Auditor 27001) of information security management systems (ISMS).


International recognition

The training by HSC and the examination by LSTI are internationally recognized, on the same level as the other trainings and examinations available on the market.
For more information, see the page Certification by LSTI.


Duration

The duration is 5 days : 4.5 days of course and half a day of exam, that is to say a 40 hours training course, splitted in 31.5 hours of course and 3.5 hours of exam at HSC, and 5 hours of individual work by doing the exercices at home.


Instructor(s)

This training is given by several consultants among the following:

  • Alexandre Fernandez-Toro
    • BS7799 Lead Auditor certified by BSI
    • ISO27001:2013 Lead Auditor certified by LSTI
    • ISO27001:2013 Lead Implementer certified by LSTI
    • ISO27005:2011 Risk Manager certified by LSTI
    • CISSP, ITIL foundations et ITIL practitioner certified
    • ISMS auditor for several certification organisations
    • Former member of the "club EBIOS"
    • Member of the "Club 27001"
    • Registered as ISMS Provisional Auditor by the IRCA under the number 01186952 (International Register of Certificated Auditor)
  • Hervé Schauer (Herve.Schauer@hsc.fr)
    • ISO27001:2013 Lead Auditor and Lead Implementer certified by LSTI
    • ISO27005:2011 Risk Manager certified by LSTI
    • ISO22301 Lead Auditor certified by LSTI
    • CISSP, ISC2 certified
    • GSLC (GIAC Security Leadership Certification) certified by GIAC
    • Participating to the normalization in security at AFNOR since 1990 and at CN27 since its creation in 1993
    • Member of the ISO 27001 group of the Clusif
    • Host of Club 27001
  • Mikael Smaha (Mikael.Smaha@hsc.fr)
    • ISO27001:2013 Lead Auditor certified by LSTI
    • ISO27001:2013 Lead Implementer certified by LSTI
    • ISO27005:2011 Risk Manager certified by LSTI
    • EBIOS Risk Manager certified by LSTI
    • Network Forensic Analyst (GNFA) certified by GIAC.
  • Beatrice Joucreau (Beatrice.Joucreau@hsc.fr)
    • ISO27001:2013 Lead Auditor certified by LSTI
    • ISO27001:2013 Lead Implementer certified by LSTI
    • ISO27005:2011 Risk Manager certified by LSTI
    • EBIOS Risk Manager certified by LSTI
    • GSEC(GIAC Security Essentials) certified by GIAC
  • Jordan Hordé (Jordan.Horde@hsc.fr)
    • ISO27005:2011 Risk Manager par LSTI
    • ISO27001:2013 Lead Implementer et Auditor par LSTI
    • EBIOS Risk Manager par LSTI
  • Anthony Hubbard (Anthony.Hubbard@hsc.fr)
    • ISO27005:2011 Risk Manager par LSTI
    • ISO27001:2013 Lead Implementer et Auditor par LSTI
    • PCI QSA par le PCI SSC
    • GIAC Continuous Monitoring (GMON)
  • Alphonsine Yacoubou-Djima (Alphonsine.Yacoubou-Djima@hsc.fr)
    • ISO27005:2011 Risk Manager par LSTI
    • ISO27001:2013 Lead Implementer et Auditor par LSTI
    • EBIOS Risk Manager par LSTI
    • GSEC (GIAC Security Essentials) par GIAC


Pre-requisite for attendants

to come


Teaching method

The pedagogic method is based upon the four following practices :

  • Authoritative course based upon ISO 19011, ISO 27001 and ISO 27002 (formerly ISO 1799) standards, illustrated with real cases examples.
  • Individual exercises to review and be prepared for the examination.
  • Practical group and individual exercises, based on real audit cases, with oral presentation.
  • One role game auditor / audited.


Related courses

Essential of ISO27001 series
ISO 27001 Lead Implementer


Material

The course is delivered in French and in French only. Course material include slides in French (about 330), exercices in French (about 30 pages), exercices corrections in French (about 10 pages), and all others documents in French or English necessary for the course.


Agenda

Welcome of participants

  • General description of the course
  • Introduction to management systems
ISO 27001 standard presentation
  • ISMS notion (Information Security Management System)
  • PDCA (Plan-Do-Check-Act) model
  • ISO 27002
  • Link between ISO 27001 and ISO 27002
  • Overview of complementary standards
ISO 27001 certification process

ISO 27002 (formerly ISO 17799) standard presentation
  • Objectives and use of the standard
  • ISO 27001 requirements
  • Audit a security measure
  • Presentation of security measures
  • Example of an audit of security measures
ISO 19011 auditing scheme presentation
  • ISO 19011 standard
  • Audit principles
  • Audit types
  • Audit program
  • Audit steps
    • Before the audit
    • Audit step 1
    • Audit step 2
    • After the audit
  • Auditor
  • Audit team leader
SMSI audit scheme presentation
  • ISO 17021 and 27006 standards
  • Certification audit
  • Audit criteria
  • Audit progress
  • Audit Findings and gap sheets
  • Meeting closure
  • Audit Report
Technical interview

Exercises for examination preparation

Examination designed, monitored and corrected by LSTI.


Methods of inscription

For registering an HSC course, please contact our training department by phone : +33 141 409 704 or by email at formations@hsc.fr, with first and last name of every student, your postal address and your company VAT number. Thoses informations enable us to send your the training agreement. The training agreement must be return agreed with signature and company stamp with you purchase order, at least 6 days before the course. The purchase order should precise your billing address and our payment regulations : net 30 days from our invoice date. Registration is completed as soon as we received those two documents.


Examen

L'examen dure 3h30 et se déroule dans les locaux où a lieu la formation. Le stagiaire devra apporter sa pièce d'identité originale le jour de l'examen, et fournir à LSTI :

  • une copie de sa pièce d'identité
  • un CV
  • une copie du diplôme de second cycle ou l'attestation d'expérience professionnelle d'au moins 5 ans dans le domaine des technologies de l'information
  • le cas échéant, un certificat médical attestant d'un handicap nécessitant l'allongement de la durée de l'examen écrit.
Ces pièces devront être en français ou en anglais, ou bien accompagnées de leur traduction.
Last modified on 27 February 2017 at 15:30:46 CET - webmaster@hsc.fr
Mentions légales - Information on this server - © 1989-2013 Hervé Schauer Consultants