
ISO 27001: 2022 Internal Auditor

Course description

Throughout this training course, you'll gain the understanding and abilities required to orchestrate and execute both internal and external audits in alignment with ISO 19011 and the ISO/IEC 17021-1 certification procedure.

Through hands-on exercises, you will hone your audit strategies and become adept at developing an audit programme, managing an audit schedule, facilitating communication with clients, and resolving conflicts.

After acquiring the necessary expertise to perform this audit, you can sit for the exam and gain the “Certified ISO/IEC 27001: 2022 Internal Auditor” certification. By holding this certificate, you will demonstrate that you have the capabilities and competencies to audit organizations based on best practices.

Target Audience

  • Internal Auditors aiming to conduct Information Security Management System (ISMS) pre-certification audits
  • Managers or consultants who want to excel in the process of auditing an Information Security Management System
  • Persons tasked with ensuring adherence to the requirements of the Information Security Management System
  • Technical specialists who are preparing for an Information Security Management System audit
  • Subject matter experts in Information Security Management

Learning outcomes

By the end of this training course, delegates will be able to:

  • Clarify the fundamental concepts and principles of an Information Security Management System (ISMS) based on ISO/IEC 27001: 2022
  • Analyze the ISO/IEC 27001: 2022 requirements for an ISMS through the lens of an auditor
  • Assess the ISMS's compliance with ISO/IEC 27001: 2022 requirements, using the fundamental concepts and principles of auditing
  • Orchestrate, execute, and conclude an ISO/IEC 27001: 2022 compliance audit, in line with ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and other auditing best practices
  • Oversee an ISO/IEC 27001: 2022 internal audit programme

Our approach

  • This training blends both theoretical knowledge and practical best practices applied in ISMS audits
  • The instructional sessions utilize case study-based examples for illustration
  • Practical exercises are rooted in a case study, encouraging role-play and interactive discussions
  • Quiz questions provided are designed in a manner akin to the final Certification Exam


  • An understanding of ISO/IEC 27001: 2022 evidence requirements and comprehensive knowledge of audit principles.

Course Overview

  • Module 1 The principles and concepts of Information Security Management System (ISMS)
  • Module 2 Information Security Management System (ISMS) overview
  • Module 3 Audit concepts and principles 
  • Module 4 Preparation of an ISO/IEC 27001 audit 
  • Module 5 Conducting an ISO/IEC 27001 audit 
  • Module 6 Closing an ISO/IEC 27001 audit 
  • Module 7 Managing an ISO/IEC 27001 Internal audit programme

Course Agenda

  • Day 1: Introduction to the information security management system (ISMS) and ISO/IEC 27001: 2022
  • Day 2: Audit principles, preparation, and initiation of an audit
  • Day 3: On-site audit activities, Closing the Audit and the Certification exam


  • All candidates at official training courses are tested throughout their course with quizzes and exercises, in combination with a final exam held on the last day of the course. Both elements are a part of the overall score. For this course, the final exam consists of 10 essay-type questions, which should be completed within 125 minutes. A passing score is achieved at 70%. Self-study candidates can purchase an exam voucher from our Store.
  • Exam results are returned within 24 hours, with successful candidates receiving both a digital badge and a Certificate of Achievement