ISO 27001 Information Security Management System Foundation and Internal Auditor

Propel your career – according to Payscale.com, IT Security Manager with IT Risk qualifications can make, on average, 23%+ more than their peers. This course is highly recommended for anyone who will audit, design, implement, maintain and/or improve an ISMS.

Almost daily, there’s news that another database has been hacked or data is corrupted in some way. Most organizations have information security controls, but many do not implement and manage information security management systems (ISMS) that:

  • Systematically examine information security risks, threats, vulnerabilities, and impacts
  • Manage a comprehensive complement of information security controls to address unacceptable risks, and
  • Employ a process-based strategy to ensure that the information security controls are adequate and continually improving.


Who Should Attend:

This course has no pre-requisites and is highly recommended for anyone who will audit, design, implement, maintain and/or improve an ISMS. Anyone who wants to further their knowledge of the ISO standard, should attend.


Recommended follow-up courses:

  • High Level Leadership
  • Effective Root Cause Analysis


Course Highlights:

  • The key elements of an information security management system
  • Management of documents/records, deviations, corrective and preventive actions
  • What internal audits are and why they are conducted
  • The “Plan-Do-Check-Act” principle
  • Management responsibility and review
  • Monitoring audit results, corrective and preventive actions
  • What preparatory work should be carried out before an audit
  • What to pay attention to during the audit
  • How to report and follow up on findings.

Class Hours: 
In Class: 8:30 a.m. - 5:00 p.m. | LiveOnline: 9:00 a.m. - 4:30 p.m. CST.  Classes are delivered in 90 minute sessions, each with 30 minute breaks. Up to four (4) sessions per day.

All our public courses can also be delivered in-house at your premises either as standard or tailored depending on the needs and requirements of your business.

Contact us if you are interested or want to know more about in-house courses.

More Information

Video: Cyber Resilience

True information security requires a shift in culture and mindset. See how ISO 27001 has helped these companies.

Management Systems Training

APQP4Wind Training

A common frame of reference to be used in the industry to strengthen the cooperation between manufacturers and suppliers.

Social Responsibility Training

A structured approach guided by standards based on Diversity, Equity and inclusion to help any company advance and make businesses and people thrive.