ISO 28003:2007- Security Management Systems for The Supply Chain
Course Overview:
The ISO 28003:2007 Lead Auditor course is a specialized training program designed to equip professionals with advanced knowledge and skills required to lead and manage supply chain security management system (SCSMS) audits based on the ISO 28003:2007 standard. This course focuses on developing participants into adept audit leaders capable of planning, conducting, and overseeing effective SCSMS audits. Participants will gain expertise in evaluating supply chain security measures, identifying vulnerabilities, and providing strategic recommendations to enhance security practices throughout the supply chain.
Learning outcomes of this course:
Upon completion of the Certified in ISO 28003:2007 Lead Auditor course, participants can expect to achieve the following learning outcomes:
- Master the principles and intricacies of ISO 28003:2007 for SCSMS audits.
- Lead all phases of the audit process, from planning to report.
- Apply advanced auditing techniques to ensure comprehensive assessments of supply chain security controls.
- Identify security vulnerabilities, assess risks, and ensure compliance with ISO 28000 standards.
- Communicate audit findings persuasively and provide actionable recommendations.
- Lead continuous improvement initiatives in supply chain security management.
Course Contents:
The course content of the Certified in ISO 27006:2015 Lead Auditor course typically covers a range of advanced topics. Here are the topics covered:
- Introduction to ISO 27006:2015 and Information Security Management System (ISMS) Auditing
- Role and Responsibilities of a Lead Auditor
- Understanding Information Security Principles and ISO 27001 Requirements
- Planning and Preparation for ISMS Audits
- Conducting In-Depth On-Site Audits: Techniques and Strategies
- Effective Communication and Interviewing Skills for Auditors
- Documenting Audit Findings and Observations
- Vulnerability Assessment and Risk Analysis
- Developing Robust Corrective and Preventive Action Plans
- Reporting Audit Results and Recommending Security Enhancements
- Leading Continuous Enhancement in Information Security Management Audits
- Managing Auditor Teams and Audit Program
Assessment Criteria:
The assessment for the Certified in ISO 28003:2007 Lead Auditor course may involve the following criteria:
- Written exams and assignments to evaluate understanding of ISO 28003:2007 Supply Chain Security Management Systems.
- Active participation in discussions, case studies, and practical exercises.
- Successful completion of lead auditor role-plays scenarios.
- Performance in written examinations or assessments covering course content.
Entry Requirements:
Participants should possess a strong understanding of supply chain security principles, ISO 28000 standards, and internal auditing practices. Prior experience in supply chain security or auditing is highly recommended.
Course Duration:
The qualification has recommended course duration of 7 days.
Note: However, the course duration may be increased to meet additional learning needs if required.