Certification:
CQI and IRCA Certified Course

Venue:
This course will be delivered Online Remotely.
For organisations we can also provide group training ‘In-company’ at your premises on request.

Cost:
Individuals: see open course dates above
Organisations: please contact us for volume discounts

Duration and Format:
2 Days delivered live remotely by an experienced auditor and trainer

Class Sizes:
To ensure you get the best learning experience, attendee numbers are restricted:

• Remote with Live Trainer (10 maximum)
• Classroom (12 maximum)

This exciting and interactive 2 day training CQI and IRCA Certified ISO 27001:2022 Internal Auditor Course (ISMS) will help you understand and apply the principles and techniques required for conducting effective quality audits.

An Information Security Management System (ISMS) such as ISO 27001:2022 is an internationally recognised framework designed to help organisations manage and protect their sensitive information effectively. The standard provides a comprehensive set of policies, procedures, and controls that address risks related to data security, ensuring confidentiality, integrity, and availability of information assets.

By adopting ISO 27001:2022, organisations can demonstrate their commitment to robust security practices, comply with legal and regulatory requirements, and build trust with clients and stakeholders by safeguarding their data against potential threats and vulnerabilities. Consequently internal auditors play an essential part in assessing the effectiveness of the ISMS and driving continual improvement.

SEQM TRAINING can provide ISO 27001 Internal Auditor Training to help you understand the requirements of the standard, increasing your personal auditing knowledge, and ensuring that the ISMS of the organisations that you audit remain complaint and continually add value.

During this highly practical and interactive 2 day course you will be guided step-by-step through the entire audit process from the initial stage through to completion and reporting. You will Learn the key principles and practices of conducting an effective ISMS audit in line with ISO 27001:2022 and ISO 19011 “Guidelines for auditing management systems”.

Case studies and role plays feature throughout this training course helping delegates to understand how to practically apply their auditing knowledge.

• Those wishing to start a career as an auditor.
• Those wishing to build on existing Information Security Management System (ISMS) internal auditing experience.
• Those who will be involved in conducting 1st party ISO 27001 internal audits.
• Information Security Professionals wishing to understand Information Security Management System Auditing.
• Information Security Managers, Engineers, Line Managers, Coordinators and Consultants with ISMS responsibilities.
  
• Anyone involved in the auditing, maintaining or supervision of an ISO 27001:2022 ISMS.
• Anyone wishing to plan, perform and conduct a Information Security Management Systems audit and generate reports.

Key topics include:

• An overview of the ISO 27001:2022 standard requirements
• Planning and Performing a Information Security Management System (ISMS) Audit
• Managing a ISMS audit program
• Performing an audit
• Application of auditing guidelines to ISO 27001:2022
• Collecting objective evidence through interviews, observation and documentation reviews
• Preparing audit reports and communicating audit results

Attendees will receive a detailed understanding of:

• The purpose and benefits of Information Security management for the organisation and its customers.
• The role of Internal Audits within a Information Security Management System.
• The requirements of ISO 27001:2022 and how to audit to accommodate the new and amended requirements in ISO 27001:2022.
• Audit Planning and prioritising Information Security risks.
• The role of an internal audit in maintaining and improving Information Security management systems, with reference to the Plan, Do, Check, Act (PDCA) cycle
• How to audit processes and their interaction with other processes.
• How to conduct the opening meeting.
• Audit interviewing techniques.

plus:

• How to identify and develop the questions relating to an ISO 27001 clause that could be used to check whether a company is compliant
• Efficient checklist development.
• Document review process.
• Conducting and leading on-site audit activities.
• How to audit top management commitment and leadership.
• Clear and comprehensive non-conformity report writing.
• Reporting audit findings.
• How to conduct the closing meeting.

Attendees ideally should have a basic understanding of the PDCA cycle, ISO 27001:2022 and its requirements, and the commonly used Information Security management terms and definitions.

This knowledge can be gained through:

• Previous experience
• Self-education
• Attending the SEQM ISO 27001:2022 ISMS Foundation course (link opens in new tab)

• Detailed Course Manual or Notebook
• Certificate of Completion / Achievement
• Lunch and refreshments (classroom only)