The aim of the course is to provide an understanding of the principles and practices of Information Security Management System (ISMS) auditing and to impart practical training on information security (IS) auditing skills. The course will cover all sections of the ISO 27001:2013 standard in detail, with tips on how to audit individual clauses to allow users to achieve continual improvement.

Learning Outcome
During the 5-day course, participants will:
  • Gain a critical understanding of best practice in audit methodology.
  • Learn how to prepare, lead and report on the findings of an ISMS audit.
  • Learn how to identify non-conformances and ensure that appropriate corrective action is undertaken.
  • Gain detailed knowledge of how to audit against the specific sections of ISO 27001.

Participants will also get a full briefing on:
  • Audit preparation.
  • Managing an audit team.
  • Determining compliance with the standard.
  • Interview technique.
  • Following audit trails.
  • Documenting evidence.
Participants are expected to have a basic understanding of Information Security.

The course meets the training requirements for individuals looking to work as Auditors / Lead Auditors on ISMS.


All participants who successfully complete the five-day training will be awarded the “Certification of Participation”. Participants who pass the continuous assessment during the course and the written exam on the fifth day of the course will be awarded the “Lead Auditor Certificate”.


  • Introduction
    • Auditor Codes of Conduct.
  • An Overview of ISMS
    • Examine ISO 27001:2013.
    • Risk Assessment Methodology and Practice.
    • Reviewing of ISMS requirements.

  • The Auditing Process
    • What is an Audit and why are Audits necessary?
    • The Audit Process & phases
    • Planning of audit
    • Audit Situation studies.
    • Role Play and Verbal Presentations.
    • Audit terminologies/definitions.
    • Purpose and scope of first, second and third party audits.
    • Preparation for audits including preparation of check lists.
    • How to collect audit evidence.
    • Questioning techniques during audits.
    • How to evaluate collected audit evidence to determine the extent of compliance with the audit criteria.
    • How to decide and document non-conformities, observations and suggestions/recommendations for improvement.
    • Evaluation and acceptance of corrective action plan proposed by the audited department.
    • Verification and actions taken on non-conformities and closure of NCRs.


Date: 22 November 2016 – 26 November 2016

Timing: 09:00 AM – 05:00 PM

Venue: Park Inn by Radisson-Conference Center Heathrow, London.

Fee: Residential: £1350 + VAT - Non-residential: £850 + VAT (Early bird discount of 30%)

Technical Support: Call Us +44 1344292210