The purpose of the ISO 27001 Internal Auditor Training is to give you the necessary skills to perform internal audits on an organization’s Information Security Management Systems (ISMS) and to contribute to their continual improvement. The training helps you identify and control the threats an organization faces from any information security controls lapses and how to effectively put in place measures to address those risks.
On training completion you will be able to:
• Describe the responsibilities of an internal auditor and describe the role of internal audit in the maintenance and improvement of ISMS, in accordance with ISO 27001 and ISO 9001
• Describe with reference to the Plan-Do-Check-Act (PDCA) cycle the requirements of ISO 27001:2005
• Explain the purpose and structure of ISO 27001
• Plan and prepare for an internal audit, gather audit evidence through observation, interview and sampling of documents and records,
• Write factual audit reports that help to improve the effectiveness of the ISMS
• Suggest ways in which the effectiveness of corrective action might be verified