CPD: Equivalent to 24 hours
CERTIFICATES: All delegates will receive a certificate on completion.
A CQI and IRCA certified ISO 27001 ISMS Auditor Conversion training course – Course ID: 2397
The 3-day course includes a simulated audit of an organisation seeking ISO 27001 certification, enabling delegates to put ideas learned into action. Delegates will work as part of an audit team to practise undertaking a risk-based ISMS audit, including:
- planning an ISMS audit
- creating an audit checklist
- conducting a stage 2 ISMS audit
- writing a nonconformity report
Assessment is by continuous evaluation of performance during the course, together with a written examination on the final day.
- auditors who have achieved lead auditor certification in another discipline, for example ISO 9001, and now wish to expand their knowledge to audit an ISMS against ISO 27001:2013
- those with a responsibility for auditing the ISMS, including information security managers, information security consultants and IMS auditors
CQI and IRCA do expect delegates to have prior knowledge of the requirements (clauses) of ISO 27001 before attending this course. Some individuals may find it beneficial to attend our Introduction to ISO 27001 training course. We can offer a £100 discount if you book this introductory course together with our ISO 27001 Auditor Conversion training course.
Please note that if potential delegates have not previously attended a CQI & IRCA Lead Auditor training course in another discipline, they should view our ISO 27001 Lead Auditor training course rather than this conversion course.
- purpose and benefits of an ISMS
- requirements of ISMS documented information
- auditing a risk assessment
- Annex A – interpreting and auditing the controls
- role of the ISMS auditor
- preparation and conduct of a stage 1 audit
- planning, conducting, reporting and following up a stage 2 audit of an ISMS
- compliance – ISO 17021-1 requirements for certification bodies
- auditing an ISMS in terms of legal compliance
- report writing, including nonconformity and audit reports
- explain the purpose and benefits of an ISMS
- plan, conduct, report and follow up an audit of an information security management system
- establish conformity of a management system against ISO 27001 (with ISO/IEC 27002) and in accordance with ISO 19011 and ISO/IEC 17021, as applicable
- verify that the Statement of Applicability (SoA) contains the necessary controls (with reference to Annex A and ISO/IEC 27002)
- evaluate actions to address risks and opportunities
- verify that the risk assessment has criteria for performing information security risk assessments
Delegates who have already successfully completed a CQI and IRCA certified Lead Auditor training course in an alternative discipline will meet the training requirements for certification as an IRCA ISMS Auditor by completing this course.
For Scheduled Training course dates, please select from the Course Dates and Venues table below.
Course dates and venues
PKF Francis Clark|16th Jun, 2022
Inter Scientific|9th Jun, 2022
British Army|5th Apr, 2022
HawkSight SRM Ltd|17th Jan, 2022
South Yorkshire Police|14th Dec, 2021
Network Rail|13th Dec, 2021
Network Rail|10th Dec, 2021
Titian Software Ltd|7th Dec, 2021
Network Rail|6th Dec, 2021
Gladstone MRM|9th Aug, 2021
Agilitas IT Solutions Limited|4th Aug, 2021
Hampshire Constabulary|2nd Aug, 2021