ISO 20000 Lead Auditor - United Kingdom

ISO 20000 Lead Auditor Course Outline

This ISO 20000 Lead Auditor certification consists of 26 modules, which will cover the following content:

Module 1: Information Technology Service Management (ITSM)

• Business case and initial design of the ITSMS
• Define the scope of ITSMS
• IT Service Management
• Benefits of IT Service Management
• ITSMS policy
• Documentation of process and procedures
• Define management systems and process approach
• Presentation of standards and their comparisons
• Fundamental principles of Information Technology
• Preliminary analysis and determining the level of existing information technology
• Develop a project plan
• Accounting the IT services; accounting and budgeting

Module 2: Introduction and Background to ISO/IEC 20000

• What Is ISO/IEC 20000?
• Benefits of ISO/IEC 20000
• ISO/IEC 20000 – parts

Module 3: Introduction ISO/IEC 20000-1:2011

• ISO/IEC 20000-1: 2011
• Key differences - ISO 20000 & ITIL®
• ITIL® life cycles
• Clauses ISO/IEC 20000-1: 2011

Module 4: Service Management System (SMS)

• Management responsibility
• Governance of processes operated by other parties
• Document management
• Establish and improve the SMS
• Resource management

Module 5: Design & Transition of New or Changed Services

Module 6: Introduction to Auditing

• Define auditing
• Types of audit
  • Internal
  • External
• Audit terminology
• Benefits of auditing

 Module 7: Auditing Roles and Principles

• Auditor
• Auditee
• Audit team
• Guides and observers
• Lead auditor
• Audit management
• Maintaining confidentiality
• Independence
• Evidence-based approach
• Integrity
• Fair presentation of audit reports

 Module 8: Responsibilities of the Auditor

• Management of personnel
• Preparation checklists
• Scope of work
• Managing audit programmes
• Communication at all levels of organisation

 Module 9: Skills and Competencies of an Internal Auditor

• Personal attributes
• Knowledge
• Skills
• Education and experience

Module 10: Purpose of Internal Auditing

• Detection
• Protection
• Prevention

 Module 11: Audit Procedures

• Initialise the report
• Prepare activities
• Prepare plans
• Assigning the work to the team
• Preparing documents
• Conduct open meeting
• Prepare and distribute reports
• Complete the audit
• Conduct a follow-up

Module 12: Audit triangle

• Question
• Check
• Observe

Module 13: Audit template/work documents

• Audit requirements
• Audit documents

Module 14: Complete Management

• Service level management
• General requirements
• Service catalogue
• Service level agreement
• Supportive agreements
• Service process

Module 15: Scope

• Scope definition
• Scope consideration
• Scope statement
• Scope agreement
• Guidelines

Module 16: Launching and Implementing

• Configuration and release management
• Change management
• Management of capacity and availability
• Service continuity

Module 17: The Administration of Information Security

• IT security policies
• Security risks assessment
• Controls
• Documents and records
• Managing the operations

Module 18: Implementation Guidance and Types

• Service delivery process
  • Service reporting
  • Service continuity and availability management
  • Budgeting and accounting for services
  • Capacity management
  • Information security management
• Resolution process
  • Incident and service request management
  • Problem management
• Relationship process
  • Business relations
  • Regular reviews
  • Customer satisfaction measurement
  • Service complaints
  • Supplier
  • Contract
  • Service definition
  • Terminating contract
• Control process
  • Configuration management
  • Change management
  • Release and deployment management

Module 19: Control, Monitor, and Measure

• Monitoring the processes
• Internal auditor
• Development of metrics
• Performance indicators and dashboards
• Managing the reviews
• Implementation of the continual improvement program
• Preparing audits
• Managing contractual disputes

Module 20: Introduction to Lead Auditor

• Definition of Lead Auditor

Module 21: On-Site Auditing

• Conduct interview
• Create and evaluate checklist
• Questionnaires for data collection
• Conduct document review
• Evaluate the work done
• Provide sample

Module 22: Remote Auditing

• Observe work through surveillance at the workplace
• Enhancing interaction through communication
• Conduct document reviews with auditees
• Data analysis

Module 23: Methods

• Methods of collecting information
• Interviews
• Observations
• Review of documents and records

Module 24: Audit Report

• Objectives of the report
• Scope of report
• Identify the criteria of the report
• Identification of team
• The dates and locations where audit activity is conducted
• Conclusion
• Distribution of lists
• Follow up the action plan
• Identifying good practices
• Confirmation that the objective has been achieved
• Audit plan including schedule

Module 25: Conducting ISO 20000 Audits

• Communication during auditing
• Procedures and test plans
• Audit findings and documentation

Module 26: Conclusion and Follow-Up

• Documentation
• Quality reviews
• Closing meetings
• Evaluation of the action plan
• Surveillance audit
• The internal auditor management program