This two day ISO 27001:2013 internal auditor course has been developed to help information security managers, or those responsible for implementing ISO 27001, to conduct internal audits of your organization’s information security management system (ISMS) against ISO 27001:2013 requirements.
Delivered by our ISO 27001 trainers, this ISO 27001 internal auditor course will help you establish effective internal audit systems which will help you plan, perform and report on your overall performance of your ISMS in line with ISO 27001 requirements.
Benefits of attending
- Six stage auditing approach. Based on ISO 19011, the international standard for management system auditing, this course outlines LRQA’s six stage approach to auditing to help you adopt internal auditing best practice.
- Skills required for internal auditing. The course will embrace the skills required for effective auditing such as planning, seeking objective evidence, reporting findings accurately and ensuring that corrective action has been applied and followed up when necessary.
- Maintenance and improvement. Outlining the importance of the internal audit function in the maintenance and improvement of your ISMS, this course will provide you with an outline of the contribution internal audits provide to ensure your policies, procedures and controls are effective in meeting the needs of your organization.
- Design audit program. This course will outline the importance of effectively designing your audit program to ensure your audit resource is utilized effectively and seeks assurance on the important processes within your ISMS.
- Roles and responsibilities. Attending this course will explain the expected roles and responsibilities that the auditor must consistently demonstrate, including the need to display fairness, integrity, confidentiality and a focus on evidence-based decision making.
Who should attend?
Attend this course if you are responsible for managing your organization’s information security and have been tasked with implementing and conducting internal audits of your ISMS against ISO 27001 requirements.
What will I learn?
- Develop an understanding of the structure and content of ISO 27001
- Provide insight into the contribution internal ISMS audits can make to the effectiveness of your management system
- Learn how to establish an effective internal audit system which conforms with ISO 27001
- Understand the roles and responsibilities of an internal ISMS auditor
- Gain an understanding on how to plan your audits by developing effective checklists
- Learn how to verify that your current practices in your organization conform with defined requirements
- Understand that auditing for conformity can improve the stability and robustness of your ISMS
- Develop knowledge on how to gather objective evidence through observation, interviewing and sampling of documentation
- Learn how to report findings accurately
- Understand what corrective action is and who is responsible for taking action
- Learn how to follow up and verify the effectiveness of corrective action taken place
Why should I attend?
- To protect your organization from a breach in information security
- Implement an ISMS in line with ISO 27001 requirements and achieve successful certification to ISO 27001
- If you are required to perform internal audits of your ISMS against ISO 27001 requirements this course will help
- Or if you are an experienced auditor looking at extending your role into information security, this course will provide you with the knowledge you need.
What do I need to prepare for this course?
Before you attend this course you will need to be familiar with the types of data held by your organization and the methods used to store and process this data.
You should have a good understanding of ISO 27001 and its requirements. LRQA recommends you attend our ‘Introduction to ISO 27001:2013 requirements’ and ‘ISO 27001:2013 Implementation’ courses prior to attending this course.
- 14 CPD hours
- Training presentation and slides
- Certificate of attendance
- Lunch and refreshments
- Pen and notepad