Submit Search
Upload
BCS ISO 27001 LA Lecture Fahad Zaman.pdf
•
0 likes
•
10 views
F
FahadZaman38
Follow
This is the lecture for the introduction of ISO 27001 Lead Auditor.
Read less
Read more
Technology
Report
Share
Report
Share
1 of 19
Download now
Download to read offline
Recommended
Academia ERP Presentation - College and University Management System
Academia ERP Presentation - College and University Management System
Arpit Badjatya
SURVEY ON ONLINE EXAMINATION SYSTEM USING ARTIFICIAL INTELLIGENCE
SURVEY ON ONLINE EXAMINATION SYSTEM USING ARTIFICIAL INTELLIGENCE
IRJET Journal
Alumni Record System
Alumni Record System
IRJET Journal
SCHOOL_MANAGEMENT_SYSTEM_This_Report_Pre.doc
SCHOOL_MANAGEMENT_SYSTEM_This_Report_Pre.doc
bosed0737
EST-Report[1] grp.pdf
EST-Report[1] grp.pdf
RenuDeshmukh5
EST-Report[1] grp 15 (AutoRecovered).pdf
EST-Report[1] grp 15 (AutoRecovered).pdf
RenuDeshmukh5
Online Student Feedback System
Online Student Feedback System
EditorIJAERD
Student face Attendance System.pptx
Student face Attendance System.pptx
mohdaadil7464
Recommended
Academia ERP Presentation - College and University Management System
Academia ERP Presentation - College and University Management System
Arpit Badjatya
SURVEY ON ONLINE EXAMINATION SYSTEM USING ARTIFICIAL INTELLIGENCE
SURVEY ON ONLINE EXAMINATION SYSTEM USING ARTIFICIAL INTELLIGENCE
IRJET Journal
Alumni Record System
Alumni Record System
IRJET Journal
SCHOOL_MANAGEMENT_SYSTEM_This_Report_Pre.doc
SCHOOL_MANAGEMENT_SYSTEM_This_Report_Pre.doc
bosed0737
EST-Report[1] grp.pdf
EST-Report[1] grp.pdf
RenuDeshmukh5
EST-Report[1] grp 15 (AutoRecovered).pdf
EST-Report[1] grp 15 (AutoRecovered).pdf
RenuDeshmukh5
Online Student Feedback System
Online Student Feedback System
EditorIJAERD
Student face Attendance System.pptx
Student face Attendance System.pptx
mohdaadil7464
Project report-on-student-information-management-system-php-mysql
Project report-on-student-information-management-system-php-mysql
Raj Sharma
Project report college information management system on Advanced Java
Project report college information management system on Advanced Java
Rishabh Kumar ☁️
IRJET- Educational Data Mining for Prediction of StudentsPerformance using Cl...
IRJET- Educational Data Mining for Prediction of StudentsPerformance using Cl...
IRJET Journal
STRATEGIC FINANCIAL MANAGEMENT FOR ENHANCED UI/UX DESIGN IN DIGITAL PLATFORMS
STRATEGIC FINANCIAL MANAGEMENT FOR ENHANCED UI/UX DESIGN IN DIGITAL PLATFORMS
Shreejit Jadhav
CC 207 Module.docx
CC 207 Module.docx
PaulineTorion1
My thesis proposal
My thesis proposal
hungtruongquoc
Key Concepts And Principles Of Internal Quality Assurance...
Key Concepts And Principles Of Internal Quality Assurance...
Lanate Drummond
Attendance management system project report.
Attendance management system project report.
Manoj Kumar
Develop project pia+ risk identification
Develop project pia+ risk identification
Trilateral Research
Erudition- Institute Management System
Erudition- Institute Management System
IRJET Journal
online education system project report
online education system project report
Hagi Sahib
Hafsa 131003112307-phpapp02
Hafsa 131003112307-phpapp02
prashanth Gudavalliprashanth
System maintenance.ppt
System maintenance.ppt
MejanurRahmanJunayed
Online Job Portal
Online Job Portal
Prateek Kulshrestha
An Intelligent Career Guidance System using Machine Learning
An Intelligent Career Guidance System using Machine Learning
IRJET Journal
Chapter_1_INTRODUCTION.pdf
Chapter_1_INTRODUCTION.pdf
Kamal Acharya
Chapter_1_INTRODUCTION.pdf
Chapter_1_INTRODUCTION.pdf
Kamal Acharya
Project-Student Financial Service System
Project-Student Financial Service System
chezhiang
NUS-ISS Digital Architecture Information Session
NUS-ISS Digital Architecture Information Session
engtsze
Studentinformationmanagementsystem.pdf iyr
Studentinformationmanagementsystem.pdf iyr
053VENKADESHKUMARVK
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
Anna Loughnan Colquhoun
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
More Related Content
Similar to BCS ISO 27001 LA Lecture Fahad Zaman.pdf
Project report-on-student-information-management-system-php-mysql
Project report-on-student-information-management-system-php-mysql
Raj Sharma
Project report college information management system on Advanced Java
Project report college information management system on Advanced Java
Rishabh Kumar ☁️
IRJET- Educational Data Mining for Prediction of StudentsPerformance using Cl...
IRJET- Educational Data Mining for Prediction of StudentsPerformance using Cl...
IRJET Journal
STRATEGIC FINANCIAL MANAGEMENT FOR ENHANCED UI/UX DESIGN IN DIGITAL PLATFORMS
STRATEGIC FINANCIAL MANAGEMENT FOR ENHANCED UI/UX DESIGN IN DIGITAL PLATFORMS
Shreejit Jadhav
CC 207 Module.docx
CC 207 Module.docx
PaulineTorion1
My thesis proposal
My thesis proposal
hungtruongquoc
Key Concepts And Principles Of Internal Quality Assurance...
Key Concepts And Principles Of Internal Quality Assurance...
Lanate Drummond
Attendance management system project report.
Attendance management system project report.
Manoj Kumar
Develop project pia+ risk identification
Develop project pia+ risk identification
Trilateral Research
Erudition- Institute Management System
Erudition- Institute Management System
IRJET Journal
online education system project report
online education system project report
Hagi Sahib
Hafsa 131003112307-phpapp02
Hafsa 131003112307-phpapp02
prashanth Gudavalliprashanth
System maintenance.ppt
System maintenance.ppt
MejanurRahmanJunayed
Online Job Portal
Online Job Portal
Prateek Kulshrestha
An Intelligent Career Guidance System using Machine Learning
An Intelligent Career Guidance System using Machine Learning
IRJET Journal
Chapter_1_INTRODUCTION.pdf
Chapter_1_INTRODUCTION.pdf
Kamal Acharya
Chapter_1_INTRODUCTION.pdf
Chapter_1_INTRODUCTION.pdf
Kamal Acharya
Project-Student Financial Service System
Project-Student Financial Service System
chezhiang
NUS-ISS Digital Architecture Information Session
NUS-ISS Digital Architecture Information Session
engtsze
Studentinformationmanagementsystem.pdf iyr
Studentinformationmanagementsystem.pdf iyr
053VENKADESHKUMARVK
Similar to BCS ISO 27001 LA Lecture Fahad Zaman.pdf
(20)
Project report-on-student-information-management-system-php-mysql
Project report-on-student-information-management-system-php-mysql
Project report college information management system on Advanced Java
Project report college information management system on Advanced Java
IRJET- Educational Data Mining for Prediction of StudentsPerformance using Cl...
IRJET- Educational Data Mining for Prediction of StudentsPerformance using Cl...
STRATEGIC FINANCIAL MANAGEMENT FOR ENHANCED UI/UX DESIGN IN DIGITAL PLATFORMS
STRATEGIC FINANCIAL MANAGEMENT FOR ENHANCED UI/UX DESIGN IN DIGITAL PLATFORMS
CC 207 Module.docx
CC 207 Module.docx
My thesis proposal
My thesis proposal
Key Concepts And Principles Of Internal Quality Assurance...
Key Concepts And Principles Of Internal Quality Assurance...
Attendance management system project report.
Attendance management system project report.
Develop project pia+ risk identification
Develop project pia+ risk identification
Erudition- Institute Management System
Erudition- Institute Management System
online education system project report
online education system project report
Hafsa 131003112307-phpapp02
Hafsa 131003112307-phpapp02
System maintenance.ppt
System maintenance.ppt
Online Job Portal
Online Job Portal
An Intelligent Career Guidance System using Machine Learning
An Intelligent Career Guidance System using Machine Learning
Chapter_1_INTRODUCTION.pdf
Chapter_1_INTRODUCTION.pdf
Chapter_1_INTRODUCTION.pdf
Chapter_1_INTRODUCTION.pdf
Project-Student Financial Service System
Project-Student Financial Service System
NUS-ISS Digital Architecture Information Session
NUS-ISS Digital Architecture Information Session
Studentinformationmanagementsystem.pdf iyr
Studentinformationmanagementsystem.pdf iyr
Recently uploaded
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
Anna Loughnan Colquhoun
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
Results
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
Slack Application Development 101 Slides
Slack Application Development 101 Slides
praypatel2
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
Sinan KOZAK
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
ThousandEyes
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
shyamraj55
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
BookNet Canada
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
Radu Cotescu
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
gurkirankumar98700
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
hans926745
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
soniya singh
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
RTylerCroy
Recently uploaded
(20)
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Slack Application Development 101 Slides
Slack Application Development 101 Slides
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
BCS ISO 27001 LA Lecture Fahad Zaman.pdf
1.
© © A Road Towards
ISO 27001 Lead Auditor Certification • Presented by- Fahad Zaman Chowdhury Joint Secretary (Admin) Bangladesh Computer Society & Joint Director (ICT) Bangladesh Bank 1
2.
© My Profile Professional: Joint
Director (ICT), Bangladesh Bank Member, Bangladesh Bank CIRT Cyber Security Practitioner Panelist, AFI Cyber Security Program, Malaysia Academic: MSc (CS, University of Malaya, Malaysia), MBA (Finance, DU), BSc (EEE, KUET) Certification: ISO 27001 LA, CDFOM, ECSA Academic/research Interests Information Security, Network Security, Game Theory, Security of Pervasive and Ubiquitous Computing Awards/fellowships/grants 1. Secured best paper award in 8th IEEE Control and System Graduate Research Colloquium (ICSGRC) 2017, Conference held in Shah Allam, Malaysia 2. Won IEEE quiz award in IEEE student congress organized by IEEE Malaysia Section & Asia Pacific University, Malaysia 2
3.
© My Profile (Contd.) Publications
And Presentations 1.EDoS Eye: A Game Theoretic Approach to Mitigate Economic Denial of Sustainability Attack in Cloud Computing by Fahad Zaman Chowdhury, Mohd Yamani Idna Bin Idris , Miss Laiha Mat Kiah and M A Manazir Ahsan. In proceeding of 8th IEEE Control & System Graduate Research Colloquium (ICSGRC) 2017, Malaysia. 2. Economic Denial of Sustainability Mitigation Approches in Cloud- Analysis and Open Challenges by Fahad Zaman Chowdhury, Mohd Yamani Idna Bin Idris , Miss Laiha Mat Kiah and M A Manazir Ahsan. In proceeding of International Conference on Electrical Engineering and Computer Science (ICECOS) 2017, Indonesia. 3.An efficient fuzzy keyword matching technique for searching through encrypted cloud data by M A Manazir Ahsan, Fahad Zaman Chowdhury, Musarat Sabilah, Ainuddin Wahid Bin Abdul Wahab, Mohd Yamani Idna Bin Idris. In proceeding of 2017 International Conference on Research and Innovation in Information Systems (ICRIIS), Malaysia. 4. Seminar on "A Dynamic Game Modeling of EDoS Eye" presented in Post Graduate Research Excellence Symposium (PGRES) 2017 organized by faculty of computer science and information technology, University of Malaya, Malaysia. Memberships/affiliations 1. Joint Secretary (Admin), Bangladesh Computer Society 2. Member, Institute of Engineers Bangladesh (IEB) 3. Life Member, Bangladesh Computer Society 4. Member, Engineers Club, Dhaka 5. Former Ex-Co Member, IEEE UM Student branch Online Profile 1 https://scholar.google.com/citations?user=CaTbyOFiZQUC&hl=en (Google Scholar) 2. https://bd.linkedin.com/in/fahad-zaman-chowdhury-644a5427 (Linkedin) 3. https://www.researchgate.net/profile/Fahad_Chowdhury2 (ResearchGate) 3
4.
© © Road Towards ISO 27001 Lead
Auditor Certification 4
5.
© Topic 5 Conducting Audit Audit Findings Audit
Reporting Audit Follow-Up
6.
© Conducting Audit 6 Auditing is
a Fact-Finding Process Not A Fault-Finding Process
7.
© Conducting Audit 7 ü Objective
of an Audit ü Benefits of Audit ü Types of Audit ü Stages of the Audit (Stage 1 & Stage 2 ) ü Surveillance Audits ü Re-Certification Audits ü Principles of Auditing (Integrity, Fair presentation, Due Professional Care, Confidentiality, Independence, Evidence based approach) ü Responsibilities of a Lead Auditor ü Traits/Attributes of an Auditor ü Knowledge and Skills of Auditor
8.
© Conducting Audit 8 Colleacting and
Verifying Information: Sources of information Collecting by means of appropriate sampling Audit Evidence Evaluating against audit criteria Audit findings Reviewing Audit Conclusions
9.
© Conducting Audit 9 Auditor’s Task
: Verify Interviews Questions Observation Examination
10.
© Conducting Audit 10 • What
do Auditors Examine? Documentation Records Hardware Software Processes People
11.
© Audit Findings 11 Audit Findings
: ü Indicate conformity and non-conformity ü Lead to identification of opportunities for improvement or recording good practices ü Can be tremed compliance or non-compliance if the criteria selected based on legal or regulatory requirements
12.
© Audit Findings 12 Fulfilment of
a requirement Factual evidence of a condition in accordance with a specified requirement Non fulfilment of a requirement Factual evidence of a condition not in accordance with a specified requirement
13.
© Audit Findings 13 Major Non-conformity: ü
A significance non-conformance with specified requirements or ISMS requirements ü Failure of System ü Significance number of minor failures
14.
© Audit Reporting 14 ü Record
the findings during the audit time and compile it to make it presentable or reportable ü Review with the auditee/ audit representative when in doubt ü Classify or grade the non-conformity ü Reach to a conclusion of the audit ü Conduct a closing meeting
15.
© Audit Follow-Up 15 Audit follow-up
is required ü To verify and assess the effectiveness of the corrective/preventive actions by the organization. ü Involves: Verifying, Closing and/or Escalating Follow-up audit can vary based on the severety of the problem: ü A limited re-audit ü A renew of the new/amended documentation ü Include in the next audit
16.
© Audit Follow-Up 16 Role of
auditee ü Understand the non-conformity raised ü Investigate the cause ü Identify action ü Select most appropriate actions and develop action plan ü Take corrective actions ü Internal verification of completion ü Inform auditor about implementation and plan for follow-up
17.
© Audit Follow-Up 17 Role of
auditor ü Review corrective action plan ü Verifiy corrective actions ü Close out and confirm compliance report
18.
© Question and Answer 18
19.
© © Thank You All 19
Download now