ISO 27001 Internal Auditor

Course Description

Participants will learn how an internal audit, one of the requirements of the ISO 27001 Information Security Management System standard, is planned, conducted and reported, through group work, practical examples and applications.

Who Should Attend

ISMS project teams, ISMS internal audit teams, audit department employees, auditors who want to build on their experience, and any employees who want to perform audits.


Training participants will learn about the planning, implementation and reporting phases of internal audit in a practical manner. With these practices, they will contribute to the correct and effective operation of the existing ISO 27001 ISMS in their organization, and be able to put the experience gained during the training into use.

Training Structure

  • Audit according to ISO/IEC 27001 (TS 27001) standard
  • Audit principles and types
  • Audit program planning and management
  • Audit outline
  • Preparation for the audit
  • Conducting the audit
  • Points requiring attention during the audit
  • What should an auditor be like? Qualities an auditor should and should not possess
  • End of audit, reporting
  • Important considerations for reporting
  • Audit follow-up

Necessary Background

Participants are expected to be familiar with the ISO 27001 ISMS Standard.

Training Duration

2 days