Learn best practice auditing techniques and lead audits with confidence. This intensive five-day course is suited to anyone who has a detailed understanding of ISO/IEC 27001 requirements and wants to build on our ISO/IEC 27001 internal auditor training course.
Led by expert tutors, you’ll gain the skills to lead, plan, manage and follow up an information security management system (ISMS) audit in line with ISO 19011. On the final day of the course, you’ll have the opportunity to test your knowledge in a written exam and receive an internationally recognized auditing certificate.
This is a great course for professional development. You’ll come away from this step in your learning journey with the skills to lead an ISMS audit team and be prepared for any successful third-party ISO/IEC 27001 assessment.
How will I benefit?
- Develop the confidence to lead an audit team
- Conduct an organizational audit of an ISMS in line with ISO/IEC 27001:2022
- Protect private data to future-proof your organization and ensure compliance
Who should attend?
This course is suitable for those wishing to lead audits of an ISMS in accordance with ISO/IEC 27001:2022 (as either a 2nd party or 3rd party auditor), those wishing to learn about effective audit practices, security and quality professionals, existing information security auditors who wish to expand their auditing skills, and consultants who wish to provide advice on ISO/IEC 27001:2022 ISMS auditing.
What will I learn?
Explain the purpose and business benefits of:
- Information Security Management Systems (ISMS), ISMS standards
- Management system audit
- Third-party certification
Explain the role of an auditor to plan, conduct, report and follow up an information security management system audit in accordance with ISO 19011 (and ISO 17021 where appropriate).
Have the skills to plan, conduct, report and follow up an audit of an ISMS to establish conformity (or otherwise) with ISO/IEC 27001/2, ISO 19011 (and ISO 17021 where appropriate).
What is included?
- A loan copy of the standard for use during the course
- Gain 40 CPD points and comprehensive training notes
- Gain an internationally recognized BSI Training Academy certificate
Prior knowledge and learning
- You must already have knowledge of how management systems work and, in particular, of the requirements of ISO/IEC 27001:2022. If you do not have this knowledge, you will first need to attend our 1-day ISO 27001 Requirements course.
- It would also be beneficial to have been involved in, or preferably undertaken, ISMS audits before attending this course.
Assessment
Each delegate must demonstrate acceptable levels of performance against all course learning objectives, which is evaluated during course activities. Performance is recorded daily by the tutor using the Personal Continuous Assessment Record (PCAR). In order to satisfactorily complete the course, each delegate must complete/attend all elements of the course, pass the continuous assessment and written examination.
The written examination is an online examination which is completed on day 5 of the course. Delegates will receive a link to access the exam and have 24 hours to successfully complete the examination. On successful completion, we’ll email you a copy of your Certificate of Achievement.
Access to the ISO 27001 standard and a dictionary is permitted during the examination. The pass mark is 56 or 70%.