Train together, save more! 10% off individual registration, 20% off for pairs.
×
(+212) 6 60 10 42 56
Log in
Forgot password
Or create your account
You have just added to your selection
Your cart is empty, See our trainings

Description

This intensive 5-day course allows participants to understand the principles and concepts of application security according to ISO 27034 but also to develop the expertise necessary to prepare and carry out internal and external audits either for an organization or for a application.

Who is this training for ?

For whom ?

Internal or external auditors, project managers, consultants, members of an organization's IS team, developers, directors and application managers.

Prerequisites

Training objectives

  • Acquire the expertise required to carry out an ISO 27034 internal audit that meets the requirements of ISO 19011
  • Acquire the expertise to carry out an ISO 27034 certification audit that meets the requirements of ISO 17021 and 27006
  • Acquire the expertise required to manage a Security
  • Application audit teamUnderstand the scope, lifecycle and compliance limits of an organization or application to ISO 27034

    • Training program

      • Review of the fundamental principles of information security.
      • Overall vision of the ISO 27034 standard.
      • Concepts, principles, definitions, scope, components, processes and actors involved in application security.
      • Implicit concepts integrated into the standard.
      • Advantages and limits of ISO 27034.
      • Differences and complementarity with the common criteria and the CMMI.
      • The Normative Framework of the Organization (CNO) and the ISO/IEC 27034 certification process.
      • Detailed presentation of sections 6 to 8 of ISO/ IEC 27034-1:2011.
      • Fundamental auditing concepts and principles according to ISO 19011.
      • Communication during an audit.
      • Audit procedures.
      • L 'documentary audit.
      • On-site audit and formulation of audit findings, document non-conformities.
      • Audit quality review.
      • Evaluation of corrective action plans.
      • Approach based on the prioritization of unacceptable security risks and the production of evidence.
      • ISO/IEC 27034 surveillance audit.
      • Management program 'ISO/IEC 27034 internal audit.
      • Preparation of an ISO 27034 certification audit.
      • Agreement on the scope of the application security audit.
      • Determination of applications in the perimeter.
      • Determination of application security elements in the perimeter for each application.
      • Agreement on the scope of the SA audit for the organization.
      • The Normative Framework of the Organization (CNO).
      • Management of the CNO .
      • The organization's application security objectives.
      • Agreement on the scope of the application security audit for the application.
      • The normative framework of the application (CNA).
      • The process of management of application security at the CNA level.
      • Trust level and CSA.
      • ISO 27034 - Final revision.
      • Questions and answers.
      • Examen Examen de certification ISO 27034 Lead Auditor.
    • 938
    • 35 h

    Submit your review

    Training in our centers
    Reference
    PL-76
    Duration
    5 Days ( 35 hrs)
    Price
    3800 €
    Training in your company
    Reference
    PL-76
    Duration
    5 Days ( 35 h)
    Request a quote
    On-demand training

    Interested in this topic? Our experts design your customized training!

    Contact us
    Translated By Google Translate