ISO/IEC 27001:2022 Internal Auditor (Information Security Management Systems) | CQI | IRCA
Home

ISO/IEC 27001:2022 Internal Auditor (Information Security Management Systems)

Course code
PT220
Duration

Minimum of 14 hours

Category
Auditing
Type
  • CQI and IRCA Certified Training
    • Level
    Practitioner
    Scheme(s)
    Information security

    This course aims to provide learners with the knowledge and skills required to perform an internal audit of part of an information security management system based on ISO/IEC 27001 (or equivalent) and report on the effective implementation and maintenance of the management system in accordance with ISO 19011. 

    This course does not address ISO/IEC 27001 in detail and does not aim to equip learners with the knowledge and skills to determine conformity, or otherwise, with ISO/IEC 27001. Learners requiring the knowledge and skills to conduct entire information security management system audits against ISO/IEC 27001 should be directed to attend a CQI and IRCA Certified ISO/IEC 27001:2022 Lead Auditor (ISMS) Training course.

    Who is it for?

    This course is for those who audit an organisation's processes as part of the internal audit programme.

    Learning outcomes

    Knowledge


    1.    With reference to the Plan-Do-Check-Act (PDCA) cycle, explain the process information security management system model for ISO/IEC 27001, and the role of internal audit in the maintenance and improvement of information security management systems.


    2.    Explain the role and responsibilities of an auditor to plan, conduct, report, and follow-up an internal quality management system audit, in accordance with ISO 19011.


    Skills


    3.    Plan, conduct, report, and follow-up an internal audit of part of an information security management system based on ISO/IEC 27001, and in accordance with ISO 19011.

    Recommended Prior Knowledge:  

    Management systems 

    • Understand the Plan-Do-Check-Act (PDCA) cycle.

    Information security management

    • Basic knowledge of the concepts of information security management (see ISO/IEC 27000).

    ISO/IEC 27001

    An understanding of the requirements of ISO/IEC 27001 (with ISO/IEC 27002) and the commonly used information security management terms and definitions; (see ISO/IEC 27000), which may be gained by completing a CQI and IRCA Certified ISO/IEC 27001:2022 Foundation (ISMS) Training course (FD134) or equivalent.

    Assessment

    Learners must demonstrate acceptable levels of performance in the three learning objectives to complete the course successfully. Learners will be assessed through a short, written quiz/quizzes or tests. As well as performance in a practical audit situations.

    Find this course

    Search our database of global Approved Training Partners to find this course in a location near you. 

    Click here

    Tags

    Find this course

    Search our database of global Approved Training Partners for this course in a location near you.

    Search now

    Take the training quiz

    If you're not sure which course or level is right for you, take the training quiz and find out.

    Start the quiz