Show me desktop version

Documentation Tutorial: How to Write ISO 27001/ISO 22301 Internal Audit Procedure and Audit Program

Learn how to use internal audit to improve your information security / business continuity

Find out what is an audit, what is its purpose, and how to set up internal audit standard work program according to ISO 27001 / ISO 22301.

Dejan Kosutic, one of the leading ISO 27001 & ISO 22301 experts, explains which steps you must take when writing the Internal Audit Procedure and shows how to fill in each element of the procedure and Audit program using real document templates.

This unique video tutorial will enable you to learn how to set up an internal audit so that it is not an overhead, but a way to improve information security / business continuity in your organization.


Preview of chapters #1, #4 and #10:



ISO 27001 Free Downloads

Target audience: Companies that are planning to perform internal audit for the first time
Documentation presented In videos:
Procedure for Internal Audit
Annual Internal Audit Program
Language: English
Presenter: Dejan Kosutic
Access: Available as part of the toolkits listed below
Duration: 26m 35s
Format: Streaming video (delivered online)
Code: 27001-VT-EN-111


Chapter List


1. Introduction

1m 29s

2. ISO 27001 / ISO 22301 requirements

4m 21s

3. Structure of Internal Audit Procedure

2m 42s

4. Decision making process for the procedure elements

1m 11s

5. Inputs for the procedure

1m 16s

6. Options for the procedure

1m 14s

7. Related documents

0m 35s

8. Audit program options

2m 2s

9. Criteria for becoming an auditor

1m 2s

10. Filling in the Internal Audit Procedure

6m 38s

11. Filling in the Audit Program

4m 5s


See All Tutorials

About 27001Academy

27001Academy is one of the Academies of Advisera specializes in helping organizations implement top international standards and frameworks such as ISO 27001, ISO 9001, ISO 14001, OHSAS 18001, IATF 16949, AS9100, ISO 20000 and ITIL. Over the years, Advisera has become a global leader in the provision of web-based training and documentation for ISO 27001 (information security management) and ISO 22301 (business continuity management).

Our products are of best-in-class quality. With a proven performance record of successful implementations in more than 100 countries, our world-class customer support ensures success. Read more about the 27001Academy here.




  • Exemplar Global (formerly RABQSA) is leading international authority in certification of training providers.
  • ITIL® is a registered trade mark of AXELOS Limited. Used under licence of AXELOS Limited. All rights reserved.
  • DNV GL Business Assurance is one of the leading providers of accredited management systems certification.
Request callback
Request callback

Or call us directly

International calls
+1 (646) 759 9933