Information Security Management System Internal Auditor Course
Conduct effective internal audits and ensure integrity of your information security system
The Internal ISMS Auditor course provides a comprehensive understanding of the information security audit cycle, as well as the knowledge, skills and requirements of an ISMS auditor in the areas of information risk assessment, vulnerability analysis and security testing. Participants will be able to prepare and plan for an internal audit, with the help of audit checklists.
ISMS Internal Auditor Course
IT services need to be managed according to quality standards to ensure that your data is correct, stored and available. Organisations also need to make sure that data cannot be tampered with and that information is actually safe. It is therefore recommended to implement information management systems and security policies to ensure data access and security. Organisations also need the skills to enforce these policies and to enable people to live by them.
DNV GL – Business Assurance’s ISO 27001 Internal Auditor course provides a comprehensive understanding of the information security audit cycle for potential internal auditors. This training covers the principles and practices of ISMS auditing, and delegates will be made aware of good audit practices and encouraged to develop their audit skills through analysis and case studies.
Who should attend?
This course is recommended for anyone involved in designing, implementing, maintaining and improving an ISMS, and for anyone performing internal audits of an information security management system.
- Data / Information Security Managers and/or Auditors
- IT Support and Security Executives
- Security Analysts / Officers
- Those responsible for HR, Facilities & Physical Security
- Risk Compliance Managers with IT Portfolio
- Executives tasked with preparing for ISO 27001 for their organisations
Participants will be trained in the principles and practices of information security management system auditing in a manner compatible with ISO 27001, with added emphasis on information security management fundamentals. They will also learn:
- Purpose of an Internal Audit
- ISO 27000 series of standards, purpose and structure
- Pre- and Post-Audit Activities
- Responsibilities as an Internal Auditor
- How to plan and conduct effective internal audits
The course is interactive in nature, with emphasis on the active involvement of participants in group work, brainstorming sessions, reflection exercises and assessment of case studies. This helps participants develop the understanding and skills needed to conduct internal audits for ISO 27001 effectively. At the end of the course, delegates will be able to:
- Understand the application of ISMS
- Understand the application of the PDCA cycle in ISMS
- Realise the true role and potential of internal ISMS audits
- Be conversant with the responsibilities of internal auditors
- Have the ability to plan and organise an internal audit
- Be able to collect and analyse evidence, exercising objectivity
- Evaluate and report the results of an internal audit