ISO 27001 Internal Auditor
This ISO 27001 Internal Auditor training course explores the skills needed to carry out internal information security management systems (ISMS) audits. A certified and well-maintained ISMS is a clear indication that your organisation is adhering to good information security practices.
The course builds around a highly interactive case study with workshops that give attendees practical experience of the key stages of an audit.
As a result of attending this 2-day course, delegates will be able to prepare, conduct, report and follow up an ISMS internal audit against ISO 27001:2022.
Course topics include:
introduction to auditing an ISMS based on ISO 27001
relationship between ISO 27001 and the rest of the ISO 27000 family
auditing process, including:
preparation – document review, audit plan, audit checklist
performance – interviews, demonstrations, records
reporting – audit report and nonconformity writing
follow up – correction, cause analysis and corrective action
factors determining audit frequency
ISO 27001 Annex A controls
risk assessment and risk management
Statement of Applicability (SoA)
continual improvement of the ISMS
On completion of this ISO 27001 Internal Auditor training course, delegates will have the knowledge to:
explain the roles, procedures and documentation within an ISMS internal audit
plan, prepare and conduct an effective internal ISMS audit against ISO 27001
present audit findings and advise on potential corrective actions
identify opportunities for continuing ISMS improvement
Any other information:
The ISO 27001 Internal Auditor training course is suitable for anyone managing or carrying out an internal audit, or who would like to know more about ISMS audits to help them perform their roles. That includes:
those who are or will be performing internal ISMS audits and need the requisite skills
those who will be audited and want to understand how the internal audit process works
quality managers taking on ISMS responsibilities
IT managers and professionals with information security responsibilities, such as compliance managers, information assurance managers and risk managers