ISO/IEC 27001 Internal Auditor

In this two-day course, our expert tutors will teach you how to plan, execute and report on an audit of an organization's ISMS, assessing its conformance with ISO/IEC 27001:2013.

You should already have a good understanding of the requirements of the current standard, and our tutors will expand on your existing knowledge to help you develop the specialized skill and expertise to conduct an internal audit.

We’ll show you how to manage the entire process end-to-end from initiating an audit to reporting on the assessment and conducting a follow-up.

Your learning will rapidly develop using a balance of theory and practical activity, so that you can apply your knowledge effectively during an audit.


Who should attend?

This course is intended for those who will be involved in conducting internal audits of an ISMS that conforms to ISO/IEC 27001:2013 in an organization.

Suggested job roles and their teams include:

  • Information security managers
  • IT and corporate security managers
  • Corporate governance managers
  • Risk and compliance managers
  • Information security consultants

Prerequisites:

You should already have knowledge of how ISO/IEC 27001:2013 works (for delegates who do not have this, we recommend attending our Introduction to ISO/IEC 27001 course).

Learning objectives

  • What are the principles of auditing conformance to ISO/IEC 27001:2013
  • What are audit activities
  • How to initiate an audit
  • How to prepare audit activities
  • How to conduct audit activities
  • How to prepare and distribute an audit report
  • How to complete the audit
  • How to conduct an audit follow-up

Course Benefits

  • Your company will have an internal resource and process to be able to conduct its own audit of its ISMS to assess and improve conformance with ISO/IEC 27001:2013
  • Successful auditing will improve the protection of your organization’s private data to meet your market assurance and corporate governance needs
  • Skills development for your internal auditors, as well as the main core knowledge requirements

Next Steps

  • ISO/IEC 27001 Lead Auditor - Learn the skills necessary to conduct audits against ISO/IEC 27001 and lead audit teams in auditing information security management systems with our IRCA accredited five-day course
  • ISO/IEC 27001 Lead Implementer - Learn how to implement the ISO/IEC 27001 standard within your organization, and understand how to get the most out of your information security management system
  • Risk Management and Operational Planning - Learn how to develop and implement operational plans to help you identify and manage business risk with our two-day Risk Management and Operational Planning course
  • Auditing Cloud Security for STAR Certification - Led by an experienced tutor, this one-day course will help you learn how to audit cloud security for the STAR certification programme and learn how to apply the maturity model when auditing a provider’s security controls