
ISO/IEC 27001:2022 Internal Auditor (Information Security Management Systems)

Course code: PT220

Duration: Minimum of 14 hours


This course aims to provide learners with the knowledge and skills required to perform an internal audit of part of an information security management system based on ISO/IEC 27001 (or equivalent) and report on the effective implementation and maintenance of the management system in accordance with ISO 19011. 

This course does not address ISO/IEC 27001 in detail and does not aim to equip learners with the knowledge and skills to determine conformity, or otherwise, with ISO/IEC 27001. Learners requiring the knowledge and skills to conduct entire information security management system audits against ISO/IEC 27001 should be directed to attend a CQI and IRCA Certified ISO/IEC 27001:2022 Lead Auditor (ISMS) Training course.

Who is it for?

This course is for those who audit an organisation's processes as part of the internal audit programme.

Learning outcomes

Knowledge


1.    With reference to the Plan-Do-Check-Act (PDCA) cycle, explain the process information security management system model for ISO/IEC 27001, and the role of internal audit in the maintenance and improvement of information security management systems.


2.    Explain the role and responsibilities of an auditor to plan, conduct, report, and follow up an internal quality management system audit, in accordance with ISO 19011.


Skills


3.    Plan, conduct, report, and follow up an internal audit of part of an information security management system based on ISO/IEC 27001, and in accordance with ISO 19011.

Recommended Prior Knowledge:  

Management systems 

  • Understand the Plan-Do-Check-Act (PDCA) cycle.

Information security management

  • Basic knowledge of the concepts of information security management (see ISO/IEC 27000).

ISO/IEC 27001

An understanding of the requirements of ISO/IEC 27001 (with ISO/IEC 27002) and the commonly used information security management terms and definitions (see ISO/IEC 27000), which may be gained by completing a CQI and IRCA Certified ISO/IEC 27001:2022 Foundation (ISMS) Training course (FD134) or equivalent.

Assessment

Learners must demonstrate acceptable levels of performance in the three learning objectives to complete the course successfully. Learners will be assessed through a short, written quiz/quizzes or tests, as well as on their performance in practical audit situations.

Find this course

Search our database of global Approved Training Partners to find this course in a location near you. 


Take the training quiz

If you're not sure which course or level is right for you, take the training quiz and find out.