About the course
The ISO 27001 ISMS Internal Auditor course outline
This fully accredited, practitioner-led course equips you with the skills to perform internal audits that conform to ISO 27001 and drive continual improvement of an ISO/IEC 27001:2013-compliant ISMS.
Designed by experts
Designed by IT Governance Director Steve Watkins, a technical assessor for the United Kingdom Accreditation Service (UKAS), where he helps with the assessment of certification bodies, enabling them to award ISO 27001 certificates of compliance.
Led by specialists
An experienced ISO 27001 auditor and practitioner will explain how to lead an audit from start to finish.
Aligned with best practice
Aligned with the best-practice ISO 19011:2011 (Guidelines for auditing management systems) audit methodology.
Gain practical experience of the internal audit processes through discussion, case studies and role-play.
Who should attend this course?
This course is aimed at individuals responsible for conducting ISO 27001 or information security internal audits. Depending on your organisation’s size, this may include a number of staff members, representing a range of departments such as HR, finance or operations.
Information Assurance Officer
Information Security Manager
Operational Risk Manager
MoD ELCAS Funding
This course is eligible for funding under the MoD ELCAS scheme and is suitable for serving members of the MoD or service leavers who wish to develop a career in information security management.
Why choose IT Governance for your training needs?
IT Governance is internationally recognised as the authority on ISO 27001. Our team led the world’s first ISO 27001 certification project, and since then we have trained more than 7,000 professionals on information security management system (ISMS) implementations and audits.
What does the ISO 27001 Internal Auditor course cover?
- An overview of the structure and requirements of ISO 27001.
- The mandatory documents for an ISO 27001-compliant ISMS.
- The relationship between ISO 27001, ISO 19011 and ISO 27007.
- How an internal audit contributes to the effectiveness of an ISMS.
- Internal audit concepts, terms and definitions.
- The principles of auditing conformance to ISO 27001.
- The resources required for an internal audit.
- The roles, responsibilities and desired attributes of the internal auditor.
- The different approaches to conducting an internal audit.
- How to plan, develop and manage an effective audit programme.
- How to plan individual internal audits.
- How to conduct an internal audit and handle the interview process.
- How to identify and report evidence-based nonconformities.
- How to take corrective action and conduct an internal audit follow-up.
- The seven principles of a quality management system.
- An overview of the certification process.
- Internal audit concepts
- Why pursue ISO 27001 certification?
- Structure and content of ISO 27001
- Internal audit resource
- The audit programme
- Planning individual internal audits
- Conducting audits
- Corrective action and follow up
What’s included in this course?
- A professional training venue with lunch and refreshments;
- Full course materials (digital copy provided as a PDF file);
- The ISO 27001 Certified ISMS Internal Auditor exam; and
- A certificate of attendance.
What equipment should I bring?
The exam is an online exam. You will need to bring a ‘pop-up enabled’ laptop/tablet to the venue. Full details on how to access the exam will be provided by email 1–2 days before sitting the exam.
Course duration and times
Day 1: 9:30 am – 4:30 pm
Day 2: 9:15 am – 5:00 pm
ISO 27001 Certified ISMS Internal Auditor exam
Attendees take the ISO 27001 Certified ISMS Internal Auditor (CIS IA), ISO 17024-certificated, exam set by IBITGQ at the end of the course. This is a 60-minute multiple-choice online exam, consisting of 40 questions. Candidates need to achieve a minimum of 65% to pass. There is no extra charge for taking the exam.
What qualifications will I receive?
IISO 27001 Certified ISMS Internal Auditor (CIS IA).
How will I receive my exam results and certificates?
Provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.
Can exams be retaken?
Yes, if you are unsuccessful on the first attempt you can retake the exam for an additional fee. You can email us to schedule the retest for the exam.