ISO 27001:2013 Internal Auditor Training Course


Qualification: This course forms part of our Auditor Qualification programme. To find out more, please visit our training auditor qualifications page here.


This course aims to provide guidance and practical experience in planning, executing, and reporting Information Security Management System audits.

Information security is now recognized as an important business process which, if not managed correctly and efficiently, may impact upon an organization’s ability to deliver its products and services to their customers. Just as important, lack of security has the potential to impact revenues. The highly specialized skills and practical knowledge needed to assess an organization’s capability to manage all aspects of information security is one that can be learnt.

This innovative, two-day course provides a solid foundation in all aspects of the audit process. Stage by stage, delegates are taken through a structured programme that includes a balance of theory and practice. It uses a combination of collaborative learning and practical activities, enabling delegates to gain an understanding of the key activities for auditing.

Gain a Certificate of Achievement for this course

You can now qualify for a Certificate of Achievement, by passing the assessment requirements, including an end-of-course online exam, you’ll improve your professional profile and be able to:

  • Provide evidence of your learning
  • Demonstrate your competence

We will email your exam log-in details when you’ve finished the course. The exam is done online which means you can choose when and where to complete it. You are strongly advised to choose a time and a place where you will not be disturbed, and where you have access to a reliable internet connection. The exam takes approximately 80 minutes, is comprised with 40 multiple choice questions and you have up to 30 days to complete it – including one opportunity for a re-take.

Upon successful completion of this exam you will be awarded a Certificate of Achievement alongside your Certificate of Attendance. If, however, you decide not to complete the exam, you will still be awarded with a Certificate of Attendance. 

Please talk to a member of our training team on 0345 086 9000 if you have any questions or queries in regards to the online exam and your training course.

Who should attend?

The course is especially suitable for:

  • Anyone who is or will be coordinating internal audit activities within your organization
  • Those who have responsibility to audit an Information Security Management System
  • Existing auditors who wish to refresh their skills


The course is aimed at those who already have an understanding of ISO/IEC 27001:2013. If you do not have this understanding, you're strongly recommended to attend the one-day requirements training course as the requirements of this standard are not taught on this internal auditor course.

What will I learn?

By the end of the course delegates will be able to:

To have understanding in the areas of:

  • The principles of auditing to ISO/IEC 27001:2013
  • Audit activities
  • Explain the role of an auditor to plan, conduct, report and follow up an ISMS audit in accordance with ISO 19011

Have the skill to:

  • Initiate the audit
  • Prepare the audit activities
  • Conduct audit activities
  • Prepare and distribute the audit report
  • Complete the audit
  • Audit follow-up
  • Audit an ISMS to establish conformity (or otherwise) with ISO 27001

How will I benefit?

  • Appropriately trained auditors will bring added value to the internal audit process
  • Your business will remain compliant to the international Standard for Information Security Management Systems
  • Skills development for your internal auditors; as well as the main core knowledge requirements

What's included?

  • You will gain 16 CPD points on completing the course
  • Refreshments
  • Lunch
  • Course Folder
  • Detailed course notes
  • On completion, you'll be awarded an internationally recognized BSI Training Academy certificate