Course benefits:

Understand the basics of ISO 27001

Improve your knowledge of auditing techniques

Add new skills to your resume
This free ISO 27001 Internal Auditor course will teach you everything you need to know about ISO 27001 and how to perform an internal audit in your company. The course includes real-life exercises and role-play simulations to help you practice implementing and auditing the Information Security Management System (ISMS).
After passing the ISO 27001 Internal Auditor exam, you will receive a certificate, accredited by ASIC, which proves your expertise in the standard, as most organizations seek out certified individuals.

This ISO 27001 Internal Auditor course is divided into two parts:

A video library: lessons and practical information about the basics of the standard and how to perform internal audits.

Certification exam: upon successful completion of the exam, you will get a certificate and a badge for your LinkedIn profile to highlight your qualifications.

Who should attend:

Information security managers

Persons responsible for conducting ISO 27001 internal audits

Compliance managers

Prerequisites:

There are no prerequisites to attend this ISO 27001 Internal Auditor course.
Introduction

Introduction to the course

Module 1 - Introduction to ISO 27001

Introduction & suggested reading

What is ISO 27001?

The structure of ISO 27001

Information security principles

Introduction to the Information Security Management System

Implementing ISO 27001 requirements

Implementing ISO 27001 as a project

Documenting ISO 27001 requirements

ISO 27001 Benefits

ISO 27001 Benefits – Real-life exercise

Related documentation

Certification FAQs

Recap quiz

Module 2 - The planning phase

Introduction & suggested reading

Understanding your organization and its context [clause 4.1]

Understanding the needs and expectations of interested parties [clause 4.2]

Determining the scope of the ISMS [clause 4.3]

Leadership and commitment [clause 5.1]

Information Security Policy [clause 5.2]

Organizational roles, responsibilities and authorities [clause 5.3]

Information security objectives [clause 6.2]

Resources [clause 7.1]

Competence [clause 7.2]

Awareness [clause 7.3]

Communication [clause 7.4]

Documented information [clause 7.5]

Related documentation

Recap quiz

Module 3 - Risk Management

Introduction & suggested reading

Addressing risks and opportunities [clause 6.1.1]

Risk management process [clause 6.1.2]

Information security risk assessment – Risk identification [clause 6.1.2]

Exercise: Information security risk assessment – Risk identification

Information security risk assessment – Risk analysis and evaluation [clause 6.1.2]

Information security risk treatment [clause 6.1.3]

Statement of Applicability [clause 6.1.3]

Risk treatment plan [clause 6.1.3]

Related documentation

Recap quiz

Module 4 - The Do Phase

Introduction & suggested reading

Formulating the risk treatment plan [clause 6.1.3]

Implementing the risk treatment plan [clause 8.3]

Operational planning and control [clause 8.1]

Operating the ISMS [clause 8]

Managing outsourcing of operations [clause 8.1]

Controlling changes [clause 8.1]

Risk assessment review [clause 8.2]

Related documentation

Recap quiz

Module 5 - The Check and Act phases

Introduction & suggested reading

Monitoring, measurement, analysis, and evaluation [clause 9.1]

Internal audit [clause 9.2]

Management review [clause 9.3]

Nonconformities and corrective actions [clause 10.2]

Continual improvement [clause 10.1]

Related documentation

Recap quiz

Module 6 - Overview of Annex A

Introduction & suggested reading

Introduction to Annex A

People controls

Physical controls

Technological controls – overview and new controls

Technological controls – software development

Technological controls – operational security

Organizational controls – policies and responsibilities

Organizational controls – information and asset management

Organizational controls – operational security

Organizational controls – supplier security

Organizational controls – incidents and business continuity

Organizational controls – compliance, privacy, and legal aspects of security

Related documentation

Recap quiz

Module 7 - Introduction to the internal audit

Introduction & suggested reading

Internal vs. external audit

The main purpose of the internal audit

ISO Requirements for internal audits

Criteria for selecting the internal auditor

The audit findings

Nonconformities

Observations

Major and minor nonconformities

Related documentation

Recap quiz

Module 8 - Organizing the internal audit

Introduction & suggested reading

Organizing the internal audit

Internal audit procedure

Annual audit program

Audit plan for an individual audit

Related documentation

Recap quiz

Module 9 - Internal audit elements

Introduction & suggested reading

Internal audit elements

Document review

Creation of the checklist

Internal audit report

Corrective action requests and corrective action follow-up

Related documentation

Recap quiz

Module 10 - The main audit

Introduction & suggested reading

Auditor assumptions

Techniques for finding evidence

Sampling the records

Recording the evidence

Interviewing techniques

Remote audits

Auditing integrated management systems

Related documentation

Recap quiz

Instructions for taking the exam and obtaining the certificate
Advisera’s courses are accredited by ASIC

ASIC is one of the world's largest international accreditation agencies for schools, colleges, universities, and online learning providers. Based in the UK, this government-approved quality assurance body is recognized globally, with more than 400 providers accredited in over 65 countries.

Why Advisera chose ASIC

Advisera chose ASIC accreditation because it is focused primarily on leading universities and online training organizations. When compared to other accreditation bodies, it has the largest portfolio of higher education organizations, as well as distance education providers.
About the ISO 27001 Internal Auditor course

How do I purchase exams for several people?

We have prepared a discount if you purchase certificates for more than one student at once. Do not hesitate to contact us at sales@advisera.com to find out the prices.

Are the ISO 27001 Internal Auditor course and certificate accredited?

Yes, both the ISO 27001 Internal Auditor course and the certificate are accredited by ASIC, an internationally renowned quality standard for schools, colleges, universities, and online learning providers. This accreditation provides additional credibility for the quality of Advisera’s courses and ensures that the certificate is globally recognized.

What is the deadline for attending the video lectures?

There is no time limit, so you can take as long as you need to watch the video lectures. We do, however, recommend that you watch them all within one to two weeks so that you get the most benefit from them.

What is needed to access the ISO 27001 Internal Auditor online training?

All you need to access the course is your PC, Mac, or mobile device; any major browser (Chrome, Firefox, Internet Explorer, Safari, etc.); and a broadband Internet connection. And, of course, enough available time to devote to the course.

What do I need to know before attending the course?

You don’t need any prior knowledge or experience in the implementation – this course was designed so that a beginner to these topics will understand it.

How do I get certified as ISO 27001 Internal Auditor?

It's simple:

Watch complete videos of all of the lessons, and answer all of the practice exams.

Pass the online exam.

When will I receive the certificate for the course?

After watching all of the video lessons you may take the certification exam. If you earn a passing score, you will be issued the certificate. Please note that, during the exam, an online proctoring service will verify your identity and ensure that you take the exam without assistance. Click here to learn more about our online proctoring service.

About the ISO 27001 Internal Auditor exam

What does it take to pass the exam and earn the certificate?

The course materials (video lectures, quizzes, reading materials, practice exams, and other resources) are all you need to successfully pass the certification exam and receive your ISO 27001 Internal Auditor certificate.

How many questions are on the exam?

There are a total of 58 questions on the exam. Some of them are True/False questions, while the others are multiple-choice questions, and all correctly answered questions are worth 1 mark.

How much time is allowed for the exam?

The time allowed to answer all the questions on the exam is 90 minutes. However, please reserve an additional 15 minutes of your time for a system check-up before you start the exam session.

In which language is the exam?

The exam is in English.

Where will I take the examination?

The ISO 27001 Internal Auditor certification exam can be taken online, from anywhere. To make this possible, we employ an online proctoring service. Click here to learn more.

Course Instructors

ISO 27001 Internal Auditor Course - Advisera

Dejan Kosutic

CEO & Lead Expert for ISO 27001 & ISO 22301

Leading expert on cybersecurity/information security and author of several books, articles, webinars, and courses. As a premier expert, Dejan founded Advisera to help small and medium businesses obtain the resources they need to become certified against ISO 27001 and other ISO standards. He believes that making ISO standards easy to understand and simple to use creates a competitive advantage for Advisera's clients.

Carlos Pereira Da Cruz

ISO Consultant, Trainer, and Auditor

Carlos Pereira da Cruz has more than 30 years of experience working as a consultant, trainer, and auditor with ISO 9001 and ISO 14001. He is a university teacher and author of several books on strategic management, ISO 9001, and ISO 14001.

Conformio

ISO 27001 Documentation Toolkits

ISO 27001 Training

By Type

Where to Start

NewAI Tool

Other

Dejan Kosutic

ISO 27001 Internal Auditor Course

Introduction

Module 1 - Introduction to ISO 27001

Module 2 - The planning phase

Module 3 - Risk Management

Module 4 - The Do Phase

Module 5 - The Check and Act phases

Module 6 - Overview of Annex A

Module 7 - Introduction to the internal audit

Module 8 - Organizing the internal audit

Module 9 - Internal audit elements

Module 10 - The main audit

Advisera’s courses are accredited by ASIC

Why Advisera chose ASIC

How do I purchase exams for several people?

Are the ISO 27001 Internal Auditor course and certificate accredited?

What is the deadline for attending the video lectures?

What is needed to access the ISO 27001 Internal Auditor online training?

What do I need to know before attending the course?

How do I get certified as ISO 27001 Internal Auditor?

When will I receive the certificate for the course?

What does it take to pass the exam and earn the certificate?

How many questions are on the exam?

How much time is allowed for the exam?

In which language is the exam?

Where will I take the examination?

Online course

Exam and certificate

Course Instructors

Dejan Kosutic

Carlos Pereira Da Cruz

Why Advisera ISO 27001 Internal Auditor Course?

Free unlimited access to the entire course

Globally recognized accreditation by ASIC

Expert AI assistant available during the course

12,000 students have attended this course already

Related Trainings

ISO 27001 Lead Auditor

ISO 9001 Lead Auditor

ISO 9001 Internal Auditor

Get in Touch

Products

Resources

Standards & Regulations

Advisera

Help