This two-day course is part of our auditor qualification programme. It gives you the guidance and practical experience to plan, execute and report on information security Management System audits.

This is ideal training for anyone who has audit responsibilities or wants to refresh their skills. Before you begin, you’ll need to understand ISO/IEC 27001:2022 which can be gained through taking the 27001:2022 requirements course.

During this course, you’ll then learn the principles of auditing to the standard and exactly what the role of the auditor involves. By the end of the training, you’ll have the skills needed to plan, conduct, report and follow up an ISMS audit in accordance with ISO 19011.

Choose to learn live online or in person, both provide you the benefit of first-hand interaction with expert tutors and peers. You’ll be able to take detailed notes, you’ll gain 16 CPD points and an internationally recognized certificate from BSI.

How will you benefit?

• Understand how to comply with the internal audit requirements of your certification body
• Keep your organization compliant with the international standard for an information security management system
• Enhance professional development and refresh auditing skills
• Gain 16 CPD points and a certificate from BSI, your partner in learning

What will you learn?

By the end of the course, you will have an understanding in the areas of:

• The principles of auditing to ISO/IEC 27001:2022
• Audit activities
• The role of an auditor to plan, conduct, report and follow up an ISMS audit in accordance with ISO 19011

You will have the skills to:

• Initiate the audit
• Prepare the audit activities
• Conduct audit activities
• Prepare and distribute the audit report
• Complete the audit
• Audit follow-up
• Audit an ISMS to establish conformity (or otherwise) with ISO 27001

Who should attend?

The course is especially suitable for:

• Anyone who is or will be coordinating internal audit activities within your organization
• Those who have a responsibility to audit an Information Security Management System
• Existing auditors who wish to refresh their skills

Pre-requisites:

The course is aimed at those who already have an understanding of ISO/IEC 27001:2022. If you do not have this understanding, you’re strongly recommended to attend the one-day requirements training course as the requirements of this standard are not taught on this internal auditor course.