ISO 27001: Information Security Auditing for Financial Institutions
Course Overview
- Understand the ISO 27001 standard and its application in financial institutions for information security management.
- Learn how to audit ISMS (Information Security Management Systems) to ensure compliance, confidentiality, and data integrity.
- Explore techniques for identifying security risks, assessing controls, and mitigating threats.
- Gain practical knowledge to enhance cybersecurity governance, regulatory compliance, and operational resilience.
Training Format: In-class, Virtual, In-house
Location: Lagos, Accra, Nairobi, Kigali
Language: English, French
Nigeria Price: ₦330000
Int'l., (Nigeria) Price: $1000
Ghana Price: $4000
Kenya Price: $5500
Rwanda Price: $6000
Nigeria Price: ₦330000
Int'l., (Nigeria) Price:
$1000
Ghana Price: $4000
Kenya Price: $4000
Rwanda Price: $4000
Introduction to ISO 27001 and Information Security
- Overview of ISO 27001: Purpose, scope, and relevance for financial institutions.
- Key Concepts: Information security principles, CIA triad (Confidentiality, Integrity, Availability).
- Stakeholders: ISMS managers, auditors, IT teams, and regulators.
ISMS Framework and Requirements
- Structure of ISO 27001: Policies, procedures, risk assessment, and controls.
- Governance and Leadership Responsibilities: Roles of management and audit committees.
- Risk-Based Approach: Identifying, assessing, and mitigating information security risks.
Planning an Information Security Audit
- Audit Objectives: Compliance, effectiveness, and risk mitigation.
- Scope Definition: Systems, processes, and controls to be assessed.
- Audit Planning Techniques: Sampling, checklist preparation, and resource allocation.
Conducting the Audit
- Evidence Collection: Interviews, document review, and system testing.
- Control Assessment: Technical, administrative, and physical security controls.
- Identifying Gaps: Non-conformities, weaknesses, and areas for improvement.
Reporting and Recommendations
- Audit Reporting: Structuring findings, severity ratings, and recommendations.
- Communicating Results: Effective presentation to management and boards.
- Corrective Action Follow-Up: Ensuring implementation and continuous improvement.
Tools and Techniques for ISMS Auditing
- Audit Checklists and Templates: Standardized tools for consistent evaluation.
- Risk Assessment and Monitoring Tools: Software and dashboards for security analysis.
- Emerging Technologies: AI, threat intelligence, and automated audit tools.
1ST BATCH: Tuesday, March 24, 2026 — Friday, March 27, 2026.
2ND BATCH: Tuesday, July 14, 2026 — Friday, July 17, 2026.
3RD BATCH: Tuesday, November 10, 2026 — Friday, November 13, 2026.
The training methodology integrates lectures, interactive discussions, collaborative group exercises, and
illustrative examples. Participants will acquire a blend of theoretical insights and hands-on practical
experience, emphasizing the application of learned techniques. This approach ensures that attendees return
to their professional environments equipped with both the competence and self-assurance to effectively
implement the acquired skills in their responsibilities.
