For more information about CSM-ACE 2019, please contact: 
  • +603 8800 7999

Certified Information Security Management System (CISMS)

Date: 24 – 26 September 2019
Time: 8.30 am - 5.00 pm
Venue: Royale Chulan, Kuala Lumpur, Malaysia
Fee: Training: RM4,250.00 | Exam: RM800.00 (Fees exclude 6% SST)
Level: Certification

This course explores the objectives of an ISMS audit and explains the roles and responsibilities of an auditor in ensuring the effectiveness of controls and the improvement of the management system in ISO/IEC 27001:2013.

This course is designed to develop the practical skills and knowledge needed to conduct audits and improve the implementation of an information management system in accordance with ISO/IEC 27001:2013.
  1. Information Security practitioners
  2. Auditors of any discipline
  3. ISMS Developers and Management

The CISMS examination is certified by the Global ACE Scheme. The examination framework is designed to align with a set of relevant Knowledge, Skills and Attitudes (KSA) that are necessary for an Information Security Awareness Manager. Candidates will be tested via a combination of continual assessment (CA), multiple choice (MC), theory/underpinning knowledge assessment (UK), practical assessment (PA), assignments (AS) and case studies (CS), as required.

Candidates can take the examination at authorized examination centres in participating scheme member countries. Candidates who have successfully passed the CISMS examination will be eligible to apply as an associate or professional member by fulfilling the membership criteria defined under the Global ACE Scheme.

Day 1

1. Introduction

  • Audit Origins
  • ISO/IEC 27001:2013 – 9.2: Internal Audit

2. Control Objectives and Controls

3. Group Activity 1: Control Objectives & Control

  • Assignment
  • In-group discussions
  • Group presentations

4. Audit Cycle

  • Plan
  • Execute
  • Report
  • Follow-up

5. Audit Cycle: Plan

  • ISMS Audit Programme
  • ISMS Audit Parameters
  • Resources
  • Audit Plan

6. Group Activity 2: Audit Plan

  • Assignment


Day 2

7. Group Activity 2: Audit Plan (cont.)

  • Assignment refresher
  • In-group discussions
  • Group presentations

8. Audit Cycle: Execute

  • Opening Meeting
  • Conduct the Audit
  • Audit Findings
  • Closing Meetings

9. Group Activity 3 (a): Nonconformity Statement

  • Assignment
  • In-group discussions
  • Group presentations

10. Group Activity 3 (b): Conduct the Audit Role-play

  • Assignment


Day 3

11. Group Activity 3 (b): Conduct the Audit Role-play

  • Assignment refresher
  • In-group discussions
  • Group presentations

12. Audit Cycle: Follow-up

  • Conducting Audit Follow-up

13. ISMS Certification

  • Certification Process
  • Engagement with Certification Body
  • Preparation for Certification Audit
    • ‘To Do’ Lists


  • 2 x tea breaks and 1 lunch for the 3-day training
  • Exam Voucher worth RM1,196