Training

ISO 27001:2022 certified ISMS internal auditor

Learn how to deliver continual improvement within an ISO 27001:2022 ISMS (information security management system)

In partnership with IT Governance

  • Online or in person
  • Two days
  • £950 + VAT

This course will be held on

  • 26–27 November 2024

    • Online or in person
    • 09:30 – 17:00
  • 25–26 February 2025

    • Online or in person
    • 09:30 – 17:00

Course times

This course takes place over two days, with sessions running:

  • Day one: 09:30 – 16:30
  • Day two: 09:15 – 17:00

Please note: these dates are to join a public run of this course, provided by IT Governance. Upon booking you can specify if you'd prefer to join in person or online.

If you'd prefer to join a Jisc member-only run, please email training@jisc.ac.uk.

About

ISO/IEC 27001:2022 is the newest version of ISO 27001, published in October 2022. While not significantly different from the previous standard, ISO 27001:2022 has notable changes, including to scoping, planning, operation and performance evaluation, and a revised Annex A.

Learn how to drive continual improvement within your organisation’s ISMS, and find out how to identify opportunities for improvement and take corrective action to maintain conformity to the ISO 27001:2022 standard.

The course covers:

  • A detailed overview of the structure and requirements of ISO 27001:2022
  • The certification process
  • The different approaches to conducting an ISO 27001 audit
  • The evidence-based approach to identifying, compiling and reporting nonconformities of intent, implementation and effectiveness

Who should attend

This course is aimed at individuals responsible for conducting ISO 27001 or information security internal audits. Depending on your organisation’s size, this may include several staff members, representing a range of departments such as HR, finance or operations:

  • IT managers
  • Compliance managers
  • Information assurance officers
  • Information security managers
  • Internal auditors
  • Operational risk managers

This course is only available to Jisc members.

What we cover

  • An overview of the structure and requirements of ISO 27001:2022
  • The mandatory documents for an ISO 27001:2022-compliant ISMS
  • The relationship between ISO 27001, ISO 19011 and ISO 27007
  • How an internal audit contributes to the effectiveness of an ISMS
  • Internal audit concepts, terms and definitions
  • The principles of auditing conformance to ISO 27001
  • The resources required for an internal audit
  • The roles, responsibilities and desired attributes of the internal auditor
  • The different approaches to conducting an internal audit
  • How to plan, develop and manage an effective audit programme
  • How to plan individual internal audits
  • How to conduct an internal audit and handle the interview process
  • How to identify and report evidence-based nonconformities
  • How to take corrective action and conduct an internal audit follow-up
  • An overview of the certification process

What’s included in this course?

  • Full course materials (digital copy provided as a pdf file)
  • The ISO 27001:2022 certified ISMS internal auditor exam
  • A certificate of attendance

Training outcomes

  • An overview of the structure and requirements of ISO 27001:2022
  • The mandatory documents for an ISO 27001:2022-compliant ISMS
  • The relationship between ISO 27001, ISO 19011 and ISO 27007
  • How an internal audit contributes to the effectiveness of an ISMS
  • Internal audit concepts, terms and definitions
  • The principles of auditing conformance to ISO 27001
  • The resources required for an internal audit
  • The roles, responsibilities and desired attributes of the internal auditor
  • The different approaches to conducting an internal audit
  • How to plan, develop and manage an effective audit programme
  • How to plan individual internal audits
  • How to conduct an internal audit and handle the interview process
  • How to identify and report evidence-based nonconformities
  • How to take corrective action and conduct an internal audit follow-up
  • An overview of the certification process

Qualification: Successfully completing the course and included exam awards the ISO 27001:2022 certified ISMS internal auditor (CIS IA) qualification.

Pricing and eligibility

  • Jisc institutional members and those from the education and research sector: £950 + VAT

Please note, you are requesting a place on a public run of this IT Governance course so we are unable to provide refunds for cancellations.