Course Modules
Modulo I: Introducción y Antecedentes
- Introducción - SGSI
- Historia de la Norma
- ISO/IEC 27001:2022 Estructura
- ISO 27000 Familia de Normas
Módulo II: Conceptos Claves
- ¿Qué es un SGSI?
- Información y Principios Generales
- La Seguridad de la Información
- El Sistema de Gestión
- Factores Críticos de Éxito de una SGSI
- Beneficios de la Familia de Normas SGSI
Modulo III: Términos y Definiciones
- Fase 2. Diseño e Implementación de un SGSI
- Fases de Diseño del SGSI
- Etapas de Implementación de un SGSI
- Estructura de ISO/IEC 27001
- Ciclo Deming PHVA Y SGSI
Modulo IV: Contexto de la Organización
- Comprensión de la Organización y de su Context
- Comprensión de las Necesidades y Expectativas de las Partes Interesadas
- Prioridades de la Organización Para un SGSI
- Determinación del Alcance del Sistema de Gestión de la Seguridad de la Información 4.4
- Sistema de Gestión de la Seguridad de la Información
Modulo V: Liderazgo
- Liderazgo y Compromiso
- Política
- Roles, Responsabilidades y Autoridades en la Organización
Modulo VI: Planificación
- Acciones para Tratar los Riesgos y Oportunidades
- Plan de Tratamiento de Riesgos
- Acciones para Tratar los Riesgos y Oportunidades
- Estructura de la Norma ISO 31000 Gestión de Riesgos Directrices
- Objetivos de Seguridad de la Información y Planificación para su Consecución
Modulo VI: Planificación
- Acciones para Tratar los Riesgos y Oportunidades
- Plan de Tratamiento de Riesgos
- Acciones para Tratar los Riesgos y Oportunidades
- Estructura de la Norma ISO 31000 Gestión de Riesgos Directrices
- Objetivos de Seguridad de la Información y Planificación para su Consecución
Modulo VII: Soporte
- Recursos
- Competencia
- Concienciación
- Comunicación
- Información Documentada
Modulo VIII: Operación
- Planificación y Control Operacional
- Apreciación de los Riesgos de Seguridad de la Información
- Tratamiento de los Riesgos de Seguridad de la Información
- Evaluación y Tratamiento de Riesgo
Modulo IX: Evaluación del Desempeño
- Seguimiento, Medición, Análisis y Evaluación
- Auditoría Interna
- Auditoría
- Revisión por la Dirección
Modulo X: Mejora
- No Conformidad y Acciones Correctivas
- Mejora Continua
Modulo XI: Anexo A: Normativo
- Anexo A: Dominios
- Anexo A: Cláusulas, Objetivos y Controles
- Controles Organizacionales
- Controles de Personas
- Controles Físicos
- Controles Tecnológicos
Modulo XII: Taller - Fase 3
- Gestión de Riesgos de Seguridad de la Información Basado en ISO 27005
- Gestión De Riesgos SGSI
- ¿Por Qué Realizar Una Gestión Al Riesgo?
- Proceso de Gestión del Riesgo Basado en ISO-IEC 27005
- Establecimiento del Contexto
- Identificación de los Activos
- Clasificación de los Activos
- Amenaza
- Perfil de una Amenaza
- Amenazas a la Información
- Vulnerabilidad
- Gestión de Riesgos SGSI: Taller
- ¿Riesgo = Incertidumbre?
- Ciclo de la Gestión de Riesgos
- Gestión De Riesgos SGSI
- Fase 4. Auditorías Internas con Énfasis en Competencias de Auditor Líder
- Estructura de la ISO 19011:2018 Alcance ISO 19011:2018
- Alcance ISO 19011:2018
- Auditoría - Tipos de Auditoría
- Criterios de Auditoría
- Evidencia de la Auditoría
- Resultados de la Auditoría
- Conclusiones de la Auditoría
- Cliente de la Auditoría
- Auditado
- Equipo Auditor
- Experto Técnico
- Observador
- Guía
- Programa de Auditoría
- Alcance de la Auditoría Plan de Auditoría
- Conformidad
- No Conformidad
- Pruebas de Auditoría
- Métodos de Auditoría
- Cláusula 4: Principios de Auditoría
- Cláusula 5: Programa de Auditoría
- Cláusula 6: Actividades de la Auditoría
- Cláusula 7: Competencia y Evaluación de los Auditores Métodos para Evaluar a los Auditores
- Cláusula 7: Atributos Personales
- Cláusula 7: Conocimientos Genéricos y Habilidades
- Establecimiento de Objetivos del Programa de Auditoría
- Determinación y Evaluación de Riesgos y Oportunidades del Programa de Auditoría
- Establecimiento del Programa de Auditoría
- Competencia de (los) Individuo(s) que Gestiona(n) el Programa de Auditoría
- Establecer el Alcance del Programa de Auditoría
- Determinar los Recursos del Programa de Auditoría
- Implementación del Programa de Auditoría
- Definición de Objetivos, Alcance y Criterios para una Auditoría Individual
- Selección y Determinación de Métodos de Auditoría
- Selección de los Miembros del Equipo de Auditoría
- Reunión de Apertura - Revisión de la Documentación en la Auditoría
- Comunicación Durante la Auditoría
- Métodos para Recopilar Información
- La Entrevista - Preguntas Claves del Auditor y Tipo de Preguntas
- Ejecutando la Auditoría - Realización de Entrevistas
- Administración del Tiempo
- Manejo de Situaciones Difíciles
- Resultados de la Auditoría
- Incumplimientos Más Comunes
- Redacción de las No Conformidades
- Fórmula de Redacción de No Conformidades
- Conclusiones de Auditoría
- Informe de Auditoría y Reunión de Cierre
- Preparación y Distribución del Informe de Auditoría
- Realización de Seguimiento de Auditoría
- Las Auditorías de Seguimiento
Current process description
The ISO 27001: 2022 course (internal and leader auditor) is designed to train participants in the interpretation, application and audit of the Information Security Management System (SGSI) based on ISO 27001: 2022.
This course prepares students to obtain two international certifications:
INTERNAL AUDITOR ISO 27001 (I27001A)
LEADING ISO 27001 AUDITOR (I27001LA)
The program includes the necessary training for the planning, implementation and evaluation of an SGSI, allowing participants to acquire key skills in information security audit.
Under the practical Learning Method approach, participants will work on laboratories, practical workshops and/or real projects, ensuring the effective application of knowledge acquired in business environments.
Objectives
At the end of the course, participants will be able to:
- Understand and interpret ISO 27001: 2022, including its scope, requirements and application.
- Implement an Information Security Management System (SGSI) based on ISO 27001.
- Develop internal audits and leading audits, applying audit techniques and tools. Identify and evaluate information security risks, using ISO 27005 for risk management.
- Apply continuous improvement actions in an SGSI, ensuring compliance with international regulations.
Obtain international internal auditor certifications and leading ISO 27001.
Prerequisites
To participate in this training, previous knowledge is not required. Is aimed at:
- Presidents of IT, Executive Chiefs, IT/IS Auditors, Professionals in Information Security, Consultants and Ti Managers.
- Students and professionals related to IT services management.
What Does This Course Include?
| Our Value Proposition | Benefit for Participant or Company |
|---|---|
| International Certification ISO 27001: 2022 (Internal Auditor and Leader) | 18 hours |
| • E-learning reinforcement topics and exclusive materials and simulators | • Complementary platform with digital resources, study guides, support recordings and exam simulators. |
| • Flexible educational model (in-person or live remote) | • Possibility to choose modality without losing human interaction and teaching support. |
| • Focus on employability and professional performance and exam preparation. | • Preparation oriented to certification, job performance and professional scaling based on practice, enhanced with AI support. |
| • Integration of Artificial Intelligence in learning | • Students use AI tools to reinforce understanding, practice exams and enhance their productivity. |
| • International Certification included | • Official endorsement with global recognition. Includes certification exams and access to the partner platform. |
| • Laboratories in real learning environments. | • Unlimited practical experience with real lab accounts and access to professional cloud infrastructure. |
| • Live classes with certified expert instructors. | • Guided and personalized training with direct real-time support, not offline. Recorded classes only for review. |
| • Personalized attention, small groups. | • Individual tracking, progress evaluations and technical support during training. AI-proctored performance examiner. |
| • Post-certification support and extended access to resources | • Post-assistance, access to materials for and continuous updates. |
| • Practical methodology and real and/or simulated projects. | • Applied learning from day one: simulations, business cases, projects and real cloud environments. |
| • Certificates of Approval and/or participation. | • International Certification by Certitalents
• Infinity Training Institute USA: International Certification Diploma in English • Aula Matriz IETDH Colombia - Certificate of participation |
Why choose Infinity Training Institute?
1. Internationally guaranteed certifications
All our courses are Internationally certified:
- Infinity Training Institute USA: International Certification Diploma in English.
- International Certification from our partners Microsoft, Oracle, Certitalents, AWS, PMI, Cisco, etc.
2. We are not an automatic platform, nor self-study through videos
We are a unique model, in-person or Remote modality (with live instructor). Technology + pedagogy + AI + expert instructors + real practice — not self-study or outdated content.
3. Training designed for today's job market
Experience applicable immediately in interviews, technical tests and real work environments.
4. Real or simulated projects with international standards
Students access real environments such as Azure, AWS, Google Cloud, Oracle Cloud, develop real or simulated projects, building a demonstrable technical portfolio depending on the type of course or certification they have chosen.
5. A unique combination in Latin America and the USA
Certification + real practice + AI + continuous support + dual diploma.
6. Proven results
More than 95% of our graduates obtain official certification and improve professionally in less than six months.
7. Competency level guarantee
If the student during the practical training process does not reach a minimum performance level of 75%, they must repeat the course if the instructor determines so, and the student has shown the commitment and minimum class attendance required by the model.
Your professional future starts here
At Infinity Training Institute we boost your growth with an innovative, flexible model focused on real learning and performance evaluation. Certified instructors, intensive practice, integrated AI and constant support: world-class training.
All our courses are Internationally certified:
- Infinity Training Institute USA: International Certification Diploma in English.
- International Certification from our partners Microsoft, Oracle, Certitalents, AWS, PMI, Cisco, etc.
2. We are not an automatic platform, nor self-study through videos
We are a unique model, in-person or Remote modality (with live instructor). Technology + pedagogy + AI + expert instructors + real practice — not self-study or outdated content.
3. Training designed for today's job market
Experience applicable immediately in interviews, technical tests and real work environments.
4. Real or simulated projects with international standards
Students access real environments such as Azure, AWS, Google Cloud, Oracle Cloud, develop real or simulated projects, building a demonstrable technical portfolio depending on the type of course or certification they have chosen.
5. A unique combination in Latin America and the USA
Certification + real practice + AI + continuous support + dual diploma.
6. Proven results
More than 95% of our graduates obtain official certification and improve professionally in less than six months.
7. Competency level guarantee
If the student during the practical training process does not reach a minimum performance level of 75%, they must repeat the course if the instructor determines so, and the student has shown the commitment and minimum class attendance required by the model.
Your professional future starts here
At Infinity Training Institute we boost your growth with an innovative, flexible model focused on real learning and performance evaluation. Certified instructors, intensive practice, integrated AI and constant support: world-class training.
Learning Methodology
At Infinity Training Institute, we apply a comprehensive, ever-evolving methodology centered on practical learning, powered by Artificial Intelligence, enabling personalized instruction, performance assessment, and optimized preparation for international certifications with certified instructors, real labs, simulators, and e-learning platforms. Participants learn by doing, developing technical and professional skills in small groups, with personalized follow-up and pre and post-certification support. Infinity Training Institute: Learn. Apply. Get Certified. Transcend.
Current process description
The ISO 27001: 2022 course (internal and leader auditor) is designed to train participants in the interpretation, application and audit of the Information Security Management System (SGSI) based on ISO 27001: 2022.
This course prepares students to obtain two international certifications:
INTERNAL AUDITOR ISO 27001 (I27001A)
LEADING ISO 27001 AUDITOR (I27001LA)
The program includes the necessary training for the planning, implementation and evaluation of an SGSI, allowing participants to acquire key skills in information security audit.
Under the practical Learning Method approach, participants will work on laboratories, practical workshops and/or real projects, ensuring the effective application of knowledge acquired in business environments.
Objectives
At the end of the course, participants will be able to:
- Understand and interpret ISO 27001: 2022, including its scope, requirements and application.
- Implement an Information Security Management System (SGSI) based on ISO 27001.
- Develop internal audits and leading audits, applying audit techniques and tools. Identify and evaluate information security risks, using ISO 27005 for risk management.
- Apply continuous improvement actions in an SGSI, ensuring compliance with international regulations.
Obtain international internal auditor certifications and leading ISO 27001.
Prerequisites
To participate in this training, previous knowledge is not required. Is aimed at:
- Presidents of IT, Executive Chiefs, IT/IS Auditors, Professionals in Information Security, Consultants and Ti Managers.
- Students and professionals related to IT services management.
What Does This Course Include?
| Our Value Proposition | Benefit for Participant or Company |
|---|---|
| International Certification ISO 27001: 2022 (Internal Auditor and Leader) | 18 hours |
| • E-learning reinforcement topics and exclusive materials and simulators | • Complementary platform with digital resources, study guides, support recordings and exam simulators. |
| • Flexible educational model (in-person or live remote) | • Possibility to choose modality without losing human interaction and teaching support. |
| • Focus on employability and professional performance and exam preparation. | • Preparation oriented to certification, job performance and professional scaling based on practice, enhanced with AI support. |
| • Integration of Artificial Intelligence in learning | • Students use AI tools to reinforce understanding, practice exams and enhance their productivity. |
| • International Certification included | • Official endorsement with global recognition. Includes certification exams and access to the partner platform. |
| • Laboratories in real learning environments. | • Unlimited practical experience with real lab accounts and access to professional cloud infrastructure. |
| • Live classes with certified expert instructors. | • Guided and personalized training with direct real-time support, not offline. Recorded classes only for review. |
| • Personalized attention, small groups. | • Individual tracking, progress evaluations and technical support during training. AI-proctored performance examiner. |
| • Post-certification support and extended access to resources | • Post-assistance, access to materials for and continuous updates. |
| • Practical methodology and real and/or simulated projects. | • Applied learning from day one: simulations, business cases, projects and real cloud environments. |
| • Certificates of Approval and/or participation. | • International Certification by Certitalents
• Infinity Training Institute USA: International Certification Diploma in English • Aula Matriz IETDH Colombia - Certificate of participation |
Why choose Infinity Training Institute?
1. Internationally guaranteed certificationsAll our courses are Internationally certified:
- Infinity Training Institute USA: International Certification Diploma in English.
- International Certification from our partners Microsoft, Oracle, Certitalents, AWS, PMI, Cisco, etc.
2. We are not an automatic platform, nor self-study through videos
We are a unique model, in-person or Remote modality (with live instructor). Technology + pedagogy + AI + expert instructors + real practice — not self-study or outdated content.
3. Training designed for today's job market
Experience applicable immediately in interviews, technical tests and real work environments.
4. Real or simulated projects with international standards
Students access real environments such as Azure, AWS, Google Cloud, Oracle Cloud, develop real or simulated projects, building a demonstrable technical portfolio depending on the type of course or certification they have chosen.
5. A unique combination in Latin America and the USA
Certification + real practice + AI + continuous support + dual diploma.
6. Proven results
More than 95% of our graduates obtain official certification and improve professionally in less than six months.
7. Competency level guarantee
If the student during the practical training process does not reach a minimum performance level of 75%, they must repeat the course if the instructor determines so, and the student has shown the commitment and minimum class attendance required by the model.
Your professional future starts here
At Infinity Training Institute we boost your growth with an innovative, flexible model focused on real learning and performance evaluation. Certified instructors, intensive practice, integrated AI and constant support: world-class training.
Learning Methodology
At Infinity Training Institute, we apply a comprehensive, ever-evolving methodology centered on practical learning, powered by Artificial Intelligence, enabling personalized instruction, performance assessment, and optimized preparation for international certifications with certified instructors, real labs, simulators, and e-learning platforms. Participants learn by doing, developing technical and professional skills in small groups, with personalized follow-up and pre and post-certification support. Infinity Training Institute: Learn. Apply. Get Certified. Transcend.