ISO IEC 27001:2022 INFOSECURITY AUDITOR/LA AICQ-SICEV

(National and European accreditation and certification system; Regulatory references; ISO 19011, ISO/IEC 17021 and ISO/IEC 27006 standards; Principles of auditing; Auditing of security processes and controls; AICQ-SICEV certification scheme for ISMS auditors; AICQ-SICEV code of ethics for auditors).

(Risk management related to the management system and information security and the process approach; Elements of risk assessment (identification, analysis and weighting) and treatment; Applicable security controls proposed in Annex A of ISO/IEC 27001 and ISO/IEC 27002; The organizational security model: the Plan-Do-Check-Act cycle of continuous improvement; Correlation with other standards of the ISO/IEC 27000 family.)

– Legal Area
(Current legislative references (Privacy/GDPR, Workers’ Statute, Legislative Decree 231/2001, …); Contractual aspects relating to suppliers, customers, third parties).

– Technology Area
(Basic elements of ICT and information security; ICT security controls; Incident management; Business continuity, disaster recovery, and crisis management).

– Management Area
(Organizational aspects of information technology; Responsibilities involved in information security).