For more information about CSM-ACE 2018, please contact: 
  • +60 3 8992 6888

Certified Information Security Management System (CISMS)

Date: 24th & 26th Sept 2018
Time: 8.30 am - 5.00 pm
Venue: Royale Chulan, Kuala Lumpur, Malaysia
Fee: Training: RM3,050.00 | Exam: RM800.00 (Fees Include 0% GST)
Level: Certification

Certified Information Security Management System (CISMS) is a 2-day hands-on training and certification programme that explores in depth the objectives of an ISMS audit and explains the roles and responsibilities of an Internal Auditor in maintaining the effectiveness of controls and improving the management system under ISO/IEC 27001:2013.

This course is designed to teach the practical skills and knowledge needed to conduct internal audits and contribute to the continual improvement of the information management system in accordance with ISO/IEC 27001:2013.
  1. Information Security practitioners
  2. Internal Auditors of any discipline
  3. ISMS Implementers and Management

The CISMS examination is certified by the Global ACE Scheme. The examination framework is designed to align with a set of relevant Knowledge, Skills and Attitudes (KSA) that are necessary for an Information Security Awareness Manager. Candidates will be tested via a combination of continual assessment (CA), multiple choice (MC), theory/underpinning knowledge assessment (UK), practical assessment (PA), assignments (AS) and case studies (CS) as required.

Candidates can take the examination at authorized examination centres in participating scheme member countries. Candidates who have successfully passed the CISMS examination will be eligible to apply as an associate or professional member by fulfilling the membership criteria defined under the Global ACE Scheme.

Day 1


  • ISO/IEC 27001:2013 clause 9.2: Internal ISMS Audit
  • Relevant terms and references
  • Overview of Internal Audit Process

Pre Internal Audit Process – Establishing the Audit Programme

  • Audit Programme
  • ISMS Auditors' responsibilities
  • ISMS Auditors' competency and skill
  • Identifying Internal Audit Scope, Objective and Criteria
  • Identifying resources
  • Preparing Audit Plan (Selecting Audit Team, Selecting Audit Method, etc.)

Module 2: During Internal Audit Process – Conducting Audit Activities

  • Performing Document Review
  • Collecting and Verifying Information
  • Generating Audit Finding


Day 2

Module 3: Post Internal Audit Process

  • Preparing and Distributing Audit Report
  • Completing the Audit 
  • Conducting Audit Follow-up

Module 4: Nonconformity Report

  • Writing Nonconformity Report

Module 5: Certification Process Overview

  • Audit for Certification Process
  • Engagement with Certification Body
  • Preparation for Certification Audit

  • 2 x tea breaks and 1 lunch for the 2-day training
  • Exam Voucher worth RM1,196