About the course
New* ISO27001 Certified ISMS Internal Auditor (CIS IA) Training Course (2 Day)
Developed by experts
Designed by IT Governance Director Steve Watkins, a technical assessor for the United Kingdom Accreditation Service (UKAS), where he helps with the assessment of certification bodies, enabling them to award ISO 27001 certificates of compliance.
Led by specialists
An experienced ISO 27001 auditor and practitioner will explain how to lead an audit from start to finish.
Aligned with best practice
Aligned with the best-practice ISO 19011:2011 (Guidelines for auditing management systems) audit methodology.
Gain practical experience of the internal audit processes through discussion, case studies and role-play.
This course also supports professional development: attendees who pass the included exam are awarded the ISO 17024-certificated CIS IA qualification by IBITGQ.
Day 1: 9.30 am – 4.30 pm
Day 2: 9.15 am – 5.00 pm
What will you learn on this course?
- An overview of the structure and requirements of ISO 27001.
- The mandatory documents for an ISO 27001-compliant ISMS.
- The relationship between ISO 27001, ISO 19011 and ISO 27007.
- How an internal audit contributes to the effectiveness of an ISMS.
- Internal audit concepts, terms and definitions.
- The principles of auditing conformance to ISO 27001.
- The resources required for an internal audit.
- The roles, responsibilities and desired attributes of the internal auditor.
- The different approaches to conducting an internal audit.
- How to plan, develop and manage an effective audit programme.
- How to plan individual internal audits.
- How to conduct an internal audit and handle the interview process.
- How to identify and report evidence-based nonconformities.
- How to take corrective action and conduct an internal audit follow-up.
- The seven principles of a quality management system.
- An overview of the certification process.
CIS IA examination
Take the CIS IA examination at the end of the course – a 60-minute, multiple-choice, ISO 17024-certificated exam set by IBITGQ.
There is no extra charge for taking this exam.
CIS IA is acknowledged by the Payment Card Industry Security Standards Council (PCI SSC) as an approved qualification meeting the requirements of an application for an individual to become a Payment Card Industry Data Security Standard (PCI DSS) Qualified Security Assessor (QSA).
Exam results and certificates
- Provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
- We aim to make confirmed exam results available within ten working days from the date of the exam.
- Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
- Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.
Who should attend this course?
This course is aimed at individuals responsible for conducting ISO 27001 or information security internal audits. Depending on your organisation’s size, this may include a number of staff members, representing a range of departments such as HR, finance or operations.
This course also meets the requirements of the PCI SSC for additional QSA qualifications and, in the UK, is covered by the MoD’s ELCAS scheme.
There are no formal entry requirements but it is assumed that you will have a basic knowledge of ISO 27001 gained through practical experience, reading the ISO 27001:2013 standard, or by attending the ISO27001 Certified ISMS Foundation training course.
This course is non-residential, but we can help you find a hotel close to the training venue if you require – simply drop us an email after you book. Our superb training support team will find the solution most suitable for your needs.
The course includes:
A professional training venue with lunch and refreshments;
Comprehensive documentation (digital copy provided as a PDF file);
The CIS IA examination;
A certificate of attendance; and
A guarantee that the course will run – we never cancel a course.
Duration: 2 Day
Cost: £895 + VAT
ISO27001 Certified Training Scotland, Inverness, Glasgow, Edinburgh, Aberdeen and onsite courses throughout Scotland
|Start date||Location / delivery|
|No fixed date||Glasgow, Aberdeen, Inverness|