"Training of internal auditors of management system of information security according to requirements of the international ISO/IEC 27001:2005 standard"

From October 21 to October 23, 2013, within the Plan of professional development of staff of branch RSE "Gosexpertize" on the Aktyubinsk area for 2013, in Alma-Ata the responsible on information security of branch RSE "Gosexpertize" on the Aktyubinsk area Baymurzin A.M. took part in an educational course which was conducted by the consultant of «Kazakhstan Organization of Quality» LLP Shokayeva S.B. on the subject: "Training of internal auditors of management system of information security according to requirements of the international ISO/IEC 27001:2005 standard". In an educational course seminar the following subjects according to requirements of the international ISO/IEC 27001:2005 standard were considered: 1 . Problems of the organizations in the field of information security. International ISO/IEC 27001:2005 standard. Process approach and risk management in information security. Creation SMIS (System of Management of Information Security). Documentation and records SMIS. Management of resources. Introduction and SMIS application. Monitoring and SMIS analysis. Carrying out internal audit of SMIS. 2 . Safety of human resources. Physical safety and protection against environment. Acquisition, development and service of information systems. Management of incidents of information security. Also, the ISO 19011:2011 international standard which provides guidelines on audit of systems of management, including the principles of audit, management of the program of audit and carrying out audit of systems of management, and also guidelines on an assessment of competence of the persons participating in processes of audit, including responsible persons for the program of audit, auditors and auditor groups was considered. On the seminar and examination end, all participants certificates were handed over.