
ISO 27001: 2022 Information Security Management System - Internal Auditor

2 days

Course Overview

This two-day ISO 27001 Internal Auditor training will provide participants with the practical skills and knowledge to plan and perform internal audits of an ISMS for compliance with ISO 27001:2022. It will cover topics such as the purpose of an audit, conducting a gap analysis, and auditing to prepare for the new ISO 27001:2022 standard.

Migration from ISO27001:2013 to the new version will involve risk assessment, policy assessment, audit review, document preparation, and other activities. The risk assessment should compare the measures the organization has put in place for the existing ISO27001:2013 standard against what is needed for compliance with the new ISO27001:2022.


This course introduces participants to the ISO 27001:2022 Information Security Management System (ISMS) standard and provides a complete understanding of its practical application. The course will cover topics ranging from the basics of an ISMS, its components, and its benefits, to the audit process and finding areas of intervention. Participants will gain an understanding of the requirements of ISO 27001:2022 and what is needed to implement them.

  • Develop and plan information security management system internal audits.
  • Identify how ISO27001 (ISMS) can be integrated into ISO9001 (QMS).
  • Build confidence when being audited by third-party assessors.
  • Prepare for migration from ISO27001:2013 to the new ISO27001:2022 standard.
  • Risk assessment / risk treatment methodology.
  • Review of the Statement of Applicability (SoA).

Course Content

  • Overview of ISO 27001: 2022 ISMS
  • Understand the ISO 27001:2013 Information Security Management System (ISMS) benchmark standard
  • Learn the practical application of the standard and focus on performance-based, risk-based auditing
  • Acquire the necessary skills to plan and perform internal audits of an ISMS to ensure compliance
  • Understand the benefits of setting up an ISMS
  • Develop expertise on how to document findings and areas for improvement


Open Course CISTC Training: Rose Court, Rye Common Lane, Farnham GU10 5DD 

£790.00 / Person Plus VAT

(ask about our discounted rate for groups)
On-site training:

£1790.00 Plus VAT

(Up to 10 delegates, UK only)

Aimed at

  • Business owners
  • Risk Managers
  • IT Managers
  • Personnel with an interest in and responsibility for information security management / Data management

Get in touch to discuss your business goals and needs.

© Copyright All Rights Reserved, NDC Certification Services Ltd. 2021.