This ISO 27001 Internal Auditor training course explores the skills needed to carry out internal information security management systems (ISMS) audits. A certified and well-maintained ISMS is a clear indication that your organisation is adhering to good information security practices.

The course builds around a highly interactive case study with workshops that give attendees practical experience of the key stages of an audit.

As a result of attending this 2-day course delegates will be able to prepare, conduct, report and follow up an ISMS internal audit against ISO 27001:2022.

The ISO 27001 Internal Auditor training course is suitable for anyone managing or carrying out an internal audit, or who would like to know more about ISMS audits to help them perform their roles. That includes:

  • those who are or will be performing internal ISMS audits and need the requisite skills
  • those who will be audited and want to understand how the internal audit process works
  • quality managers taking on ISMS responsibilities
  • IT managers and  professionals with information security responsibilities, such as compliance managers, information assurance managers and risk managers

If potential attendees have little or no prior knowledge of ISO 27001 then we recommend they first join our Introduction to ISO 27001 training course, delivered the day before the Internal Auditor course. We offer a discount of £100 when booking these courses together.

Prospective delegates can learn more about prior knowledge requirements and test their understanding with our ISO 27001 Quiz.

Course topics include:

  • introduction to auditing an ISMS based on ISO 27001
  • relationship between ISO 27001 and the rest of the ISO 27000 family
  • auditing process, including:
    • preparation – document review, audit plan, audit checklist
    • performance  – interviews, demonstrations, records
    • reporting  – audit report and nonconformity writing
    • follow up  – correction, cause analysis and corrective action
  • factors determining audit frequency
  • ISO 27001 Annex A controls
  • risk assessment and risk management
  • statement of Applicability (SoA)
  • continual improvement of the ISMS

On completion of this ISO 27001 Internal Auditor training course delegates will have the knowledge to:

  • explain the roles, procedures and documentation within an ISMS internal audit
  • plan, prepare and conduct an effective internal ISMS audit against ISO 27001
  • present audit findings and advise on potential corrective actions
  • identify opportunities for continuing ISMS improvement

Delegates will also receive a certificate of completion to signify their new knowledge and skills in ISO 27001 internal auditing.

ISO 27001 Internal Auditor Certificate

The ISO 27001 Internal Auditor training course can be provided on a dedicated basis face-to-face at your offices or another venue, or in our live virtual classroom. Training encourages team conversations around subjects such as checklists, corrective actions and internal audits. These provide a platform for discussions on successfully undertaking internal audits within your organisation.

Request Quote