
ISO 27001:2013 Internal Auditor.

Course Type

  • Virtual
  • In-house
  • Public

Introduction

This two-day course has been developed to help information security managers, or those responsible for implementing ISO 27001, conduct internal audits against ISO 27001:2013 requirements, based on a six-stage approach to ensure best practices within the organisation.

This course will explain the role and responsibilities that an auditor must consistently demonstrate, including the need to display fairness, integrity, confidentiality and a focus on evidence-based decision making.

You need this course if

  • You need to perform internal audits of your Information Security Management System (ISMS).
  • You are an experienced Auditor extending your role into information security.
  • You are an Information Security Practitioner looking for audit training.

What will you learn?

  • An overview of the structure and content of ISO/IEC 27001.
  • The contribution internal ISMS audits can make to the effectiveness of your management system.
  • How to establish an effective internal audit system which conforms with ISO/IEC 27001.
  • The roles and responsibilities of an internal ISMS auditor.
  • How to plan your audits by developing effective checklists.
  • How to verify that current practice in your organisation conforms with defined requirements.
  • That auditing for conformity can improve the stability and robustness of management systems.
  • How to gather objective evidence through observation, interviewing and sampling of documentation.
  • How to report findings accurately.
  • What corrective action is and who is responsible for taking action.
  • How to follow up and verify the effectiveness of corrective action taken.

What do you need to prepare?

  • To be familiar with the types of data held by your organisation and the methods used to store and process this data.
  • A basic understanding of management system frameworks.
  • Ideally to have taken our Introduction to ISO 27001:2013 Requirements course.

Your future development

Course length

Two days.

In-house

If you are looking for a course for four or more people, you may find our in-house option more cost-effective. Contact the team for a quote.
