G-CERTi | ISO Certification Body

Training Services

home
- Training Services
keyboard_arrow_down
- Introduction
- Certification Process
- Certification Guide
- Certification Services
- Training Services
- Customer Support
- Contact Us
- ISO Auditor Training by Standard
keyboard_arrow_down
- Auditor Registration Program
- ISO Auditor Training by Standard
- Requirements to Become an Auditor
- G-CERTI Training Institute
- Training Provider
- Complaints/Appeals (Training)
- Training Certificate Search

ISO Auditor Training by Standard

ISO/IEC 27001 Auditor Training

Information Security Management System

Overview

ISO/IEC 27001 is an international standard for an information security management system to ensure the confidentiality, integrity, and availability of information assets.

Target Industries

IT services, public institutions, finance, educational institutions, etc.

Common Information

Target Audience: Experienced auditors, new auditors, certification body personnel, internal auditors, consultants, etc.
Course Structure: Theoretical lectures + Case-based workshops + Examination
Industry Classification: Classified according to IAF codes

Course Content

Explanation of information security controls (Annex A)
Practice with cyber threats and risk analysis
Industry-specific issues such as cloud, physical security, and access control

Training Effects

Essential for IT, financial, and public institutions where personal information protection and response to cyber threats are key.
Auditors need practical skills in information security controls (Annex A), risk analysis, and establishing the scope of certification.
Rapidly increasing demand for security audit professionals in changing work environments such as cloud, SaaS, and remote work.

<h2>Guidance on the Collection and Use of Personal Information</h2>
	<div class='support_container'>
		<h3>Purpose of Processing Personal Information</h3>
		<p>
			The company processes the collected personal information for the following purposes.
		</p>
		<ol>
			<li>
				Website Membership and Management<br />
				Personal information is processed for the purpose of confirming the intent to join as a member, identifying/authenticating individuals for member-based services, maintaining/managing membership status, and preventing fraudulent use of services.
			</li>
			<li>
				Provision of Goods or Services<br />
				Personal information is processed for the purpose of providing content, customized services, identity verification, age verification, and payment/settlement of fees.
			</li>
			<li>
				Use in Marketing and Advertising<br />
				Personal information is processed for the purpose of providing event and advertising information and opportunities to participate, understanding access frequency, or for statistics on members' use of services.
			</li>
		</ol>

<h3>Period of Processing and Retention of Personal Information</h3>
		<ol>
			<li>
				G-CERTI Co., Ltd. processes and retains personal information within the period of retention and use of personal information as required by law or as consented to by the information subject at the time of collecting personal information.
			</li>
			<li>
				The processing and retention periods for each type of personal information are as follows:
				<ol type='A'>
					<li>The processing and retention periods for each type of personal information are as follows: Personal information related to <Website Membership and Management> will be retained and used for the above purposes for <3 years> from the date of consent for collection and use.</li>
					<li>Basis for retention: Act on the Use and Protection of Credit Information</li>
					<li>
						Related laws:
						<ul>
							<li>Records on the collection/processing and use of credit information: 3 years</li>
							<li>Records on handling consumer complaints or disputes: 3 years</li>
						</ul>
					</li>
					<li>
						Exceptions:
					</li>
				</ol>
			</li>
		</ol>

<h3>Items of Personal Information Processed</h3>
		<ol>
			<li>
				Required items: Company name, email, mobile phone number, name, company phone number, service usage records, access logs, cookies, access IP information
			</li>
			<li>
				Optional items: Job title
			</li>
		</ol>

</div>

<h2>G-CERTI Data Protection Consent</h2>
	<div class='support_container'>
		<h3>Terms and Conditions</h3>
		<ul>
			<li>
				The website www.G-CERTI.com is the official site of G-CERTI, an ISO certification body.
			</li>
		</ul>

<h3>Intellectual Property Rights</h3>
		<ul>
			<li>
				The G-CERTI logo is a registered trademark and may only be used with explicit prior approval.<br>G-CERTI trademarks, including the name "G-CERTI," may not be used as internet addresses or on other sites without prior written permission.
			</li>
			<li>
				All materials posted on the G-CERTI website are the property of G-CERTI.<br>All materials are legally protected and unauthorized use without G-CERTI’s approval or formal procedure will be subject to legal sanctions.
			</li>
			<li>
				Even if the material is one’s own, it may only be used after undergoing G-CERTI’s approval process, and transfer or distribution to third parties is strictly prohibited.<br>Any unauthorized modification, copying, or use of even a part of the G-CERTI website may be subject to legal penalties.
			</li>
			<li>
				Any unauthorized alteration, reproduction, or use of the G-CERTI website, even in part, may be subject to legal penalties.
			</li>
		</ul>

<h3>Materials and Data</h3>
		<ul>
			<li>
				All data obtained from the G-CERTI site is protected under copyright law. Therefore, reproducing or transmitting the data in any form is illegal.
			</li>
		</ul>

<h3>Links</h3>
		<ul>
			<li>
				Links to the website www.G-CERTI.com may be used only with prior written permission; unauthorized use may result in legal action. G-CERTI is not responsible for unauthorized external links but is accountable for the accuracy of information provided by officially contracted sites.
			</li>
		</ul>

</div>

<h2>Personal Information Protection</h2>
	<p>This law was enacted to strengthen personal information protection by prohibiting the collection, use, or provision of personal data to third parties without the consent of the individual.</p>
	<p>The purpose of this law is to stipulate matters concerning the processing of personal information in order to protect privacy from collection, leakage, misuse, and abuse, thereby enhancing citizens’ rights and interests and realizing individual dignity and value.</p>
	<p>“Personal information” refers to information about a living individual, such as name, national ID number, address, physical information, property information, social status, etc., that can identify the person.</p>
	<p>For example, knowing only someone’s name may not identify them, but combining it with their school makes them identifiable. Thus, when two or more pieces of information are combined to identify someone, it constitutes personal information.</p>
	<table width="100%" border="0" cellpadding="5" cellspacing="0" class="table-type2">
	  <tr>
	    <th width="150" scope="row">General Information</th>
	    <td>Name, National ID number, Address, Phone number, Date of birth, Family relations</td>
	  </tr>
	  <tr>
	    <th width="60" scope="row">Social Information</th>
	    <td>Academic background, Grades, Disciplinary records, School records, Certifications held</td>
	  </tr>
	  <tr>
	    <th width="60" scope="row">Property Information</th>
	    <td>Income information, Credit card numbers, Bank account numbers, Housing, Land, Vehicles, etc.</td>
	  </tr>
	  <tr>
	    <th width="60" scope="row">Other Information</th>
	    <td>Call records, Emails, Personal location, IP address, CCTV footage</td>
	  </tr>
	</table>
	<p>Based on the above grounds, G-CERTI adheres to the following principles of personal data security.</p>
	<p>The content published on the G-CERTI website is used solely for the general disclosure of information about ISO.</p>
	<p>G-CERTI values all personal information and uses it only when necessary for conducting audits requested by companies.</p>
	<p>When a company submits an application form through the website, the information is stored for three years and used only for contact related to the audit.</p>
	<p>If auditor information is required for the audit, G-CERTI collects and uses auditor information only for specific purposes.</p>
	<p>If G-CERTI intends to use personal information for secondary purposes such as marketing, explicit consent will be directly requested from the auditor or company, and it will not be used if they do not agree.</p>
	<p>All information can be accessed only after login; therefore, the information stored in G-CERTI’s intranet is not publicly accessible, and no one can obtain personal information from it.</p>
	<p>However, occasionally, parent companies with approval or accreditation body audits may request information on companies or auditors. In such cases only, G-CERTI will provide details, and disclosure will occur solely when legally required.</p>
	<p>G-CERTI stores all data on secure servers fully protected by firewalls. To safeguard personal and corporate information, G-CERTI takes appropriate preventive measures and follows industry best practices to ensure against loss, misuse, unauthorized access, disclosure, alteration, or destruction.</p>
	<p>G-CERTI reserves the right to amend its personal information protection policy at any time. Changes and explanations will be posted on the website and take immediate effect. If there are significant changes, G-CERTI will notify companies or auditors about how collected information will be used and under what circumstances.</p>
	<p>The information on the G-CERTI website is a general description of ISO certification and auditor training programs. The use of any information or materials from this site is at the sole responsibility of the user, and G-CERTI does not assume liability. Furthermore, whether the general services or information provided through the site meet specific needs is solely up to the user.</p>
	<p>Thank you.</p>
	<p>G-CERTI Co., Ltd.</p>