Information security management system internal auditor (ISO 27001, ISO 19011)

This online course provides the necessary knowledge and skills to conduct internal audits of an Information Security Management System (ISMS) based on ISO 27001:2022 and ISO 19011:2018 standards.

To enhance understanding, all course slides are voiced. Real-life cases will help participants better apply theory in practice. Structured information is divided into modules, making the learning process even more efficient.

Internal audits are crucial for ensuring a company’s information security. Proper qualifications for an internal auditor are essential for effectively identifying and assessing risks, as well as ensuring compliance with normative requirements and standards.

This course allows participants to obtain the necessary qualifications, providing them with practical skills and knowledge to conduct internal audits in accordance with ISO 27001 and ISO 19011.

This course is an essential step for those aspiring to become highly qualified auditors and make a significant contribution to enhancing their company’s information security management system.

Duration

30 hours

Language

English/Ukrainian

Format

100% online

Course objective

The goal of the course “Internal Auditor of the Information Security Management System (ISO 27001, ISO 19011)” is to provide participants with the necessary knowledge and skills to conduct internal audits of information security management systems in accordance with the requirements of ISO 27001 standards.

Internal auditors play a critical role in the information security management system. Their work contributes to identifying and minimizing risks, ensuring compliance with standards, and enhancing the overall security of the organization.

Target audience

The target audience for the course “Management System Auditor” includes:

  1. Privacy Management Specialists: Individuals responsible for the protection of personal data and privacy management within the organization.
  2. Information Managers: Specialists involved in managing information security and implementing ISO 27001 and ISO 27701 standards.
  3. Auditors: Professionals conducting management system audits to assess their compliance with standards.

Document on completion

ISMS internal auditor certificate, listed in the SIC international register

Thematic plan

Module 1 Information security management systems (ISO/IEC 27001)

Module 2 Internal audit (ISO 19011)

The program is designed for 30 hours, including time for studying theoretical material and taking tests.

Objectives

Module 1 Information Security Management Systems (ISO 27001)    Number of hours
1   Introduction                                                1,5
2   General provisions of the standard                          2,5
3   Context of the organization                                 2
4   Leadership                                                  2
5   Planning                                                    2,5
6   Support (resources)                                         2,5
7   Operation                                                   1
8   Performance evaluation                                      3
9   Improvement                                                 1
10  Information security controls                               5
    Testing                                                     1

Module 2 Internal audit (ISO 19011)                             Number of hours
2.1 Introduction                                                1
2.2 General provisions of the standard                          1,5
2.3 Audit program management (AP)                               5
2.4 Carrying out an audit                                       5
2.5 Competence of auditors                                      2
    Testing                                                     1