ISO 27001:2022 Internal Auditor Training Course

This course gives you the opportunity to learn about internal auditing of information security management systems (ISMS), specifically those based on the ISO 27001:2022 international standard. It trains potential internal auditors in the principles and practices of ISMS auditing in a manner compatible with ISO 27001:2022 or equivalent standards, in accordance with the guidance provided in ISO 19011:2018.

About ISO 27001:2022 Internal Auditor Training Course

Course Overview

This two-day course gives students the skills and knowledge to perform internal information security audits within their organizations and to contribute to the continual improvement of the information security management system.

Students will be made aware of the current best practices in the field of information security audit of ISMS and will be encouraged to develop their audit skills through analysis and self-criticism. 

Through various methods, including group tasks, brainstorming, role plays and simulations, reflection exercises and interactive participation, the course will enable students to plan, conduct and report an internal audit of part of an information security management system in accordance with the ISO 19011 standard. The tutor will provide theoretical input where needed; the emphasis will be on imparting applied knowledge in various situations, discussing real-life examples and having students share their experiences with each other to enhance the learning experience. The course will also give students an opportunity to self-assess their understanding of the information security audit process and techniques through progress tests.

Course Content

The course covers topics such as:

  • Purpose and structure of ISO 27001 with reference to the PDCA cycle and the processes for establishing, implementing, operating, monitoring, reviewing and continually improving an ISMS, as relevant to internal auditors. The course also covers how internal audit can be used as a tool to improve the security posture of an organization.
  • Key audit concepts, including audit-related terms and definitions with reference to the ISO 19011 and ISO 27001 standards, audit objectives, audit principles, audit planning and the phased approach of an audit cycle. Students will also learn about the skills and requirements of an internal ISMS auditor in the areas of information risk assessment, security testing and vulnerability analysis. Preparation of audit checklists is also covered.
  • Practical knowledge of how to conduct an ISMS audit by defining the audit purpose, objectives and criteria, and outlining the audit scope and the methods used to collect objective evidence. The course also covers how to use audit checklists as an audit tool, conduct interviews, hold audit meetings and present audit findings in clear and concise audit reports. Students will also learn how to present their recommendations on corrective and preventive actions after the ISMS audit.

Course Objective

By the end of the course, students will be able to describe, with reference to the Plan, Do, Check, Act (PDCA) cycle, the purpose, structure and requirements of ISO 27001 from the point of view of an internal auditor.
Students will gain knowledge about the responsibilities of an internal auditor and the role internal information security audits play in the maintenance and improvement of information security management systems.
Students will also acquire skills in the audit cycle of planning, conducting and reporting an internal information security audit as part of an information security management system in accordance with the ISO 19011 standard.

