0345 4506120

ISO 27001 Internal Auditor

Developed by the UK’s leading ISO 27001 consultancy company, this two-day course provides the knowledge and skills required to perform ISO 27001 internal audits that maintain compliance and drive continual improvement within your organisation’s ISMS, in accordance with clause 9.2.


Gain the skills to perform internal audits that ensure the information security management system (ISMS) maintains conformity to the ISO 27001 standard. Find out how to identify opportunities for improvement and take corrective action. The course is presented by an experienced ISO 27001 practitioner offering real-world expertise and insights.



Entry requirements

There are no formal entry requirements but it is assumed that you will have a basic knowledge of ISO 27001 gained through practical experience, reading the ISO 27001:2013 standard, or by attending the ISO27001 Certified ISMS Foundation training course.


Course Content

Developed by experts

Designed by Steve Watkins, a technical assessor for UKAS (the United Kingdom Accreditation Service), where he helps with the assessment of certification bodies, enabling them to award ISO 27001 certificates of compliance.

Led by specialists

Receive guidance from an experienced auditor and practitioner using a combination of formal training, practical exercises, group activities and relevant case studies.


Led by specialists

An experienced ISO 27001 auditor and practitioner will explain how to lead an audit from start to finish.

Aligned with best practice

Aligned with the best-practice ISO 19011:2011 (Guidelines for auditing management systems) audit methodology.

Hands-on study

Gain practical experience of the audit processes through discussion, case studies and role-play.

What will you learn on this course?

  • Internal audit concepts, terms and definitions
  • The role of the internal auditor and ISMS audits
  • The certification process
  • A detailed overview of the structure and requirements of ISO 27001
  • Mandatory documents for an ISO 27001-compliant ISMS
  • Internal audit resources
  • The auditor’s challenges and personal traits
  • Developing an audit programme
  • The different approaches to conducting an ISO 27001 audit
  • Applying ISO 19011 and ISO 27007 audit processes
  • Planning individual internal audits
  • Conducting the internal audit and handling the interview process
  • The audit trail
  • Reporting, identifying and compiling evidence-based nonconformities of intent, implementation and effectiveness
  • Quality management principles in the audit
  • Corrective action and follow-up



Exams & Certification

 Exam included in the course.

CIS IA examination

Take the CIS IA examination at the end of the course – a 60-minute, multiple-choice, ISO 17024-certificated exam

CIS IA is acknowledged by the Payment Card Industry Security Standards Council (PCI SSC) as an approved qualification meeting the requirements of an application for an individual to become a Payment Card Industry Data Security Standard (PCI DSS) Qualified Security Assessor (QSA).


Exam results and certificates

  • Where exams are taken online (either remotely or by computer in the classroom), provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within 10 working days from the date of the exam.
  • Where exams are done in paper form, we aim to make confirmed exam results available within 10 working days from the date of the exam.
  • For both online and paper exams, certificates for those who have achieved a passing grade will be issued within 10 working days from the date of the exam.
  • Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.

ISO 27001 Learning Pathway

This course is part of our ISO 27001 Learning Pathway, which also includes the ISO27001 Certified ISMS Foundation, Lead Implementer, Risk Management and Internal Auditor courses.



Privacy Notice

In order to provide you with the service requested we will need to retain and use your contact information in accordance with our Privacy Notice. If you choose to provide us with this information you explicitly consent to us using the information as necessary to provide the request service to you. If you do not agree please do not proceed to request the service from us.

Marketing Permissions

Would you like to receive our newsletter and other information on products and services which we think will be of interest to you by email. We will always treat your information with care and in accordance with our Privacy Notice. You are free to withdraw this permission at any time.


Our Customers Include