Skip to Menu Skip to Search Contact Us Philippines Websites & Languages Skip to Content


This training is designed to give you the relevant skills and knowledge to carry out audits of Information Security Management Systems (ISMS) against ISO 27001.


May 20, 2019, 06:30


May 24, 2019, 15:30


Makati, Philippines

Woman training

Tutor's Profile

Chris Yau
SGS Hong Kong Ltd.
Global Products & Services Development Manager

Chris handles various management and technical positions with his stay in SGS. He currently handled projects that involve market analysis, resource planning, product development, project management, and deployment or rollout of new products.

Chris has a vast experience on research since he used to be a member of The Hongkong University of Science and Technology. He published several articles and technical documents including the SGS White Paper on Understanding the Supply Chain Security Certification Standards: A Discussion about the Challenges, Impacts and Opportunities for the Security of Supply Chain Management Systems.

Course Requirement

An ISMS compliant with these requirements allows organizations to examine and control information security risks, threats and vulnerabilities.

What will you learn on our ISO 27001 lead auditor course?

On training completion you will be able to:

  • Explain the purpose of an Information Security Management Systems (ISMS) and explain the processes involved in establishing, implementing, operating and monitoring, reviewing and improving an ISMS as defined in ISO 27001, including the significance of these for ISMS auditors
  • Explain the purpose, content and interrelationship of ISO 27001 to other relevant standards and the legislative framework relevant to an ISMS
  • Apply an in-depth knowledge of the ISO 27001 audit and certification process
  • Have the skills and knowledge needed to conduct third party audits against the requirements of the ISO 27001 Information Security Management Systems and to report and follow-up the results

Please note: Participants should have some prior experience of Information Security Management or ISO 27001 before attending this training.


This five day course provides an opportunity for Information Security professionals to update their skills in interactive and supportive surroundings. Case study materials and role-play exercises are used to develop and practice skills in all phases of auditing. Participants are continually assessed and required to complete a midcourse test along with an end-of-course written examination.