Description
Introduction
This 3-day ISO 27001:2022 internal auditor training course teaches you the vital skills needed to carry out an internal audit within your organization. It will suit anyone already familiar with ISO norms and is delivered as a mix of practical activities, group discussions, and classroom learning.
Objectives
- To develop knowledge of the ISO 27001:2022 requirements/standards
- To programme and plan ISO internal audits
- To document and follow up on incidents, non-conformities, observations and opportunities for improvement
- To produce audit reports in accordance with ISO 19011:2018 and ISO 27001:2022
Programme
Day 1 – ISO 27001:2022 requirements/standards
- Introduction: concepts and presentation
- Context of organisation
- Process approach
- Leadership
- Planning and risk assessment
- Life cycle perspective
- Support
- Operational
- Performance Evaluation
- Continuous Improvement
- Exercises
Day 2 – Auditing Management Systems in accordance with ISO 19011:2018
- Presentation of the ISO 19011:2018 standard: guidelines for auditing management systems
- PDCA approach
- Risk Management
- Concepts and terminology
- Auditor Qualification
- How to plan an internal audit (programme and plan)
- Technical aspects
- Communication skills during preparation
- Internal Audit performance
- Context analysis
- Methodology to collect information
- Measuring performance (KPIs)
- Exercises – role play
- Reporting and closing meeting
Day 3 – Internal Audit: Case Study ISO 27001:2022
- Roles and Responsibilities of an Internal Auditor
- Record Review Activities
- Internal Auditor Checklist
- Communication Between Departments
- Drafting Reports and Test Plans
- Analyzing and Evaluating Risks
- Managing Risk Approaches
- Risk Assessment Summary
- Statement of Applicability (SOA)
- Reporting and Action Plan
- Presentation
- Conclusions
Conditions
Course Material
The training material will be handed out at the beginning of the course.
Bibliography: This training uses the standards ISO 27001:2022 Information Security Management Systems, ISO 27002:2022 Information technology — Security techniques — Code of practice for information security controls, and ISO 19011:2018 - Auditor guidelines.
IT Tool: GRCC – Governance Risk Compliance Center – case study
Location
L-1615 Luxembourg
Luxembourg