Auditing an ISMS - ISO/IEC 27001:2022


SAI Global Assurance Learning is an Exemplar Global certified TPECS provider.
This course meets the knowledge examination requirements of the Exemplar Global – IS – Information Security Management System certification scheme.

  • Learn how to audit an information security management program that complies with ISO 27001:2022.
  • Enhance your career by gaining a professional qualification with Exemplar Global recognition as an Information Security Management Systems auditor.
  • Successful auditing will improve the protection of any organisation's private data to meet market assurance and corporate governance needs.

This two-day advanced course develops the skills needed to perform effective internal/external audits against the ISO/IEC 27001:2022 Information Security Management Systems standard. Participants will learn how to use an audit program to monitor and improve their organization's Information Security Management System, and develop the skills needed to conduct effective audits.

This course forms part of the five-day Lead Auditor in Information Security systems course and provides a technical understanding of ISO/IEC 27001:2022.

This course covers the following topics:

  1. Overview of an ISMS
  2. Understanding ISO/IEC 27001:2022, ISO/IEC 27002:2022 and ISO/IEC 27002:2022
  3. The intent of ISO/IEC 27001
  4. How auditors should seek and capture objective evidence

On successful completion of this course, participants will be able to:

  1. Discuss how ISO/IEC 27001:2022 relates to the business management system
  2. Understand the application of an ISMS in the context of ISO/IEC 27001:2022
  3. Understand the relationship of an ISMS with the critical information of an organisation
  4. Review the ISMS documentation including the risk assessment and Statement of Applicability
  5. Assess an ISMS for its compliance with the security objectives of an organisation and ISO/IEC 27001:2022

You should have knowledge of how management systems work and the key Plan-Do-Check-Act (PDCA) cycle. You should also have knowledge of the requirements of ISO/IEC 27001:2013. If you do not, we recommend attending our one-day ISO/IEC 27001:2022 Foundation course.

This course has been updated with the new controls in Annex A, which reflect the changes to ISO 27002:2022.

This course is ideal for those who will be either taking part in or leading audits of an ISMS that conforms to ISO/IEC 27001:2022 in any organisation.

Suggested job roles and their teams include (but are not limited to):

  1. Information security managers
  2. IT and Corporate security managers
  3. Corporate governance managers
  4. Risk and compliance managers
  5. Information security consultants
