Internal Auditor ISO/IEC 27001:2022 ISMS


The new version of ISO/IEC 27001:2022 “Information security Management System Requirements” has been published. In terms of Information security management, internal audits help any type of organization enhance its internal control and monitor the company’s compliance with this Information security standard in order be prepared for disruptive incidents and recover more quickly. Information security audits are of vital importance as they can be by organizations to determine their vulnerabilities their security network, protect their system from violations, and ultimately increase reliability.


Expand your ability to effectively conduct internal audits within your company or train your audit team according to ISO/IEC 27001:2022 “Information security Management System with our Internal Auditor ISO/IEC 27001 training course.


Aims & Objectives
  • Provide the key requirements and benefits of ISO/IEC 27001:2022
  • Manage information security and drive continual improvement
  • Compare ISO 22301:2019 towards its old version
  • Take steps to ensure that information security is at the heart of your organization
  • Attract and retain customers by meeting their current and future needs
  • Identify the aims and benefits of an ISO/IEC 27001:2022 audit
  • Interpret ISO/IEC 27001:2022 requirements for internal audit application
  • Plan, conduct and follow-up internal auditing activities that add real value
  • Grasp the application of risk-based thinking, leadership and process management
  • Access the latest internal auditor techniques and identify appropriate use
  • Build stakeholder confidence through the most recognised hygiene practice
  • Manage information security risks and hazards effectively


Learning Outcomes
  • Having successfully completed this course you will be able to:
  • Learn the importance and benefits of an ISO/IEC 27001:2022 ISMS and its structure
  • Understand the key requirements, terms and definitions of ISO 27001:2013 and its structure
  • Grasp the main concepts such as risk-based thinking, process approach, Plan-Do-Check-Act
  • Identify opportunities to improve the ISMS of your company
  • Enhance skills to conduct effective internal audits in any auditing situation
  • Understand the role of an auditor to plan, conduct, report and follow up an internal audit in accordance with ISO/IEC 27001:2022
  • Organise and direct audit team members Communicate effectively with the auditee and audit client


Who should attend?
  • Information Security personnel
  • ISMS appointed auditors/consultants
  • Those who wish to understand ISO/IEC 27001:2022 and its application
  • Anyone involved in the planning, implementing, maintaining, supervising, or auditing of an ISO/IEC 27001:2022ISMS
  • Anyone interest in ISMS requirements and audit procedures
  • Those starting their career in Information Security management


Prerequisite skills & knowledge: None required
Available in-house/distant learning? Yes
Created by: LiberoAssurance Continuous Professional Development Training Centre


Part A Contents: ISO/IEC 27001:2022 Requirements
  • Management Systems
  • Goals of a Management System
  • ISO 27001:2022 Structure
Clauses 0-3
  • Introduction
  • Scope
  • Normative References
  • Terms and definitions
Context of the organization
  • Introduction to company’s context
  • Understanding the organization, its context and interested parties
  • Scope of the ISMS
  • ISMS Processes
  • Leadership and commitment
  • Information Security Policy
  • Organizational roles, responsibilities and authorities
  • Actions to address risks and opportunities
  • Information security objectives and planning to achieve them
  • Planning of changes

  • Resources
  • Competence
  • Awareness
  • Communication
  • Documented information
  • Operational planning and control
  • Information security risk assessment & treatment
  • Information security risk treatment

Performance evaluation (Monitoring and Evaluation)
  • Monitoring, measurement, analysis and evaluation
  • Internal audit
  • Management review
  • Continual improvement
  • Nonconformity & corrective action
Annex A - Information security controls reference
Part B Contents: ISO 27001:2013 Internal Auditor
Internal audit overview
  • What is an Audit?
  • Why Audit?
  • Audit Types
Internal Audit
  • Principles of auditing
  • Scheduled and unscheduled Audits
  • What to Audit – Technical Audit
  • Steps involved in internal audit
  • Scope of audit
  • Frequency of audit
  • Internal Audit process
Audit Steps
  • Performing audit activities
  • Audit Plan
  • Developing Checklists
  • Opening Meeting
  • Conducting the Audit
  • Recording Results
  • Non-Conformities and Non-Compliances
  • Closing Meeting (s)
  • Audit Report
  • Audit Follow-up Activities
  • Auditee’s conduct
Audit Programme
  • Establishing the Audit programme objectives
  • Identifying and evaluating audit programme risks
  • Process flow for the management of an audit programme
  • Managing an audit programme
  • Audit programme Implementation
Audit tips and techniques
  • Tips to trained internal auditor
  • Question Technique
  • Competence of the audit programme manager
Auditor’s Performance
  • Auditor’s Quality
  • The Auditors conduct
  • Auditor’s Code of Conduct
  • Auditor Characteristics
  • Auditor's personal behavior
  • The Auditee’s conduct
  • Selecting the audit team members
  • Skills of audit team leaders
  • How to evaluate an Auditor


Exam & Certification
  • Exam for ISO/IEC 27001:2022 Internal auditor
  • ISO/IEC 27001:2022 Internal Auditor Certificate
Teaching Methods
  • Detailed seminar presentations (available for download)
  • Terms and definitions
  • No. of slides: 193


  • Reading lists and resources available in presentations


Study time allocation
  • Private study hours: 23
  • Trainer contact hours: Availability and competence of instructors upon request
  • Enrollment Duration: 90 days (starting from the date of purchase)
  • CPD Points: 23
  • ECTS/ECVET Points: 0.6

Assessment methods


% contribution to final mark

% Minimum passing grade

Exam for ISO/IEC 27001:2022 Internal Auditor





On successful completion of the course assessment, participants will be issued with a ‘Certificate of Success’



With the purchase you get :

   Non conformities - Real Examples
   Audit checklist
   Online examination-3 Attempts
   100% Online course
   CPD Accredited eCertificate – Global acceptance 
   Downloadable course material
  E-learning Mobile App
   Enrolment: 3 months
   Flexible schedule
   Language: English


175,00 € each

© Copyright LiberoGroup  All rights reserved.