Home » ISO 27001 ISMS Internal Auditor

ISO 27001 ISMS Internal Auditor

Delivery Method: Onsite




Learn how to drive continual improvement within your organisation’s information management system (ISMS) and find out how to identify opportunities for improvement and take corrective action to maintain conformity to the ISO 27001 standard

Achieve the ISO27001 Certified ISMS Internal Auditor (CIS IA) qualification (ISO 17024-certificated). Exam included in the course. This course qualifies for 14 CPD/CPE points.

This fully accredited, practitioner-led course equips you with the skills to perform internal audits that conform to ISO 27001 and drive continual improvement of an ISO/IEC 27001:2013-compliant ISMS.

  • An overview of the structure and requirements of ISO 27001.
  • The mandatory documents for an ISO 27001-compliant ISMS.
  • The relationship between ISO 27001, ISO 19011 and ISO 27007.
  • How an internal audit contributes to the effectiveness of an ISMS.
  • Internal audit concepts, terms and definitions.
  • The principles of auditing conformance to ISO 27001.
  • The resources required for an internal audit.
  • The roles, responsibilities and desired attributes of the internal auditor.
  • The different approaches to conducting an internal audit.
  • How to plan, develop and manage an effective audit programme.
  • How to plan individual internal audits.
  • How to conduct an internal audit and handle the interview process.
  • How to identify and report evidence-based nonconformities.
  • How to take corrective action and conduct an internal audit follow-up.
  • The seven principles of a quality management system.
  • An overview of the certification process.

Course agenda:

  • Internal audit concepts
  • Why pursue ISO 27001 certification?
  • Structure and content of ISO 27001
  • Internal audit resource
  • The audit programme
  • Planning individual internal audits
  • Conducting audits
  • Reporting
  • Corrective action and follow up

This course is aimed at individuals responsible for conducting ISO 27001 or information security internal audits. Depending on your organisation’s size, this may include a number of staff members, representing a range of departments such as HR, finance or operations.

Job titles:

  • IT Manager
  • Compliance Manager
  • Information Assurance Officer
  • Information Security Manager
  • Internal Auditor
  • Operational Risk Manager

Before joining this course, you need to have attended the ISO 27001 Certified ISMS Foundation training course or you have a good working knowledge of ISO 27001 gained through practical experience.

IT Security Management Training Courses