Gain the confidence to audit an ISMS effectively in accordance with internationally recognized best-practice techniques. Demonstrate your commitment to quality by transforming existing auditor skills to ISO 27001:2013.
You’ll grasp the key principles and practices of effective ISMS audits in line with ISO 27001:2013 and ISO 19011:2018 “Guidelines for auditing management systems”.
  • Duration: Contact for details
  • Location: After agreement

Who should attend?

Information security managers, IT and corporate security managers, corporate governance managers, risk and compliance managers, and information security consultants.


You should have a good knowledge of ISO 27001:2013 and the key principles of an ISMS. If not, we strongly recommend you attend our ISO 27001:2013 Requirements course. It will also help if you have attended an internal or lead auditor course or have experience conducting internal or supplier audits.


BSCC Certification

Using a step-by-step approach, you’ll be guided through the entire audit process from initiation to follow-up. In 5 days, you’ll gain the knowledge and skills required to undertake and lead a successful management system audit. Learn to describe the purpose of an ISO 27001:2013 ISMS audit and satisfy third-party certification. You’ll acquire the skills to plan, conduct, report and follow up an ISMS audit that establishes conformity and enhances overall organizational performance.

You will sit a 2-hour exam to test your knowledge and understanding.

What will you learn?

    • On completion, successful delegates will have the knowledge and skills to perform first, second and third-party audits of quality management systems against ISO 27001, in accordance with ISO 19011 and ISO/IEC 17021, as applicable.
    • ISMS standards
    • ISMS management system audit
    • Third-party certification
    • Business benefits
    • Explain the role and responsibilities of an auditor to plan, conduct, report and follow up an ISMS audit in accordance with ISO 19011 and ISO/IEC 17021, as applicable

What is your benefit in our training?

    • Identify the aims and benefits of an ISO 27001:2013 audit
    • Interpret ISO 27001:2013 requirements for audit application
    • Plan, conduct and follow up auditing activities that add real value
    • Grasp the application of risk-based thinking, leadership and process management
    • Access the latest auditor techniques and identify appropriate use
    • Successful auditing will improve the protection of any organization’s private data to meet market assurance and corporate governance needs

At the end of this course you will have the skills to:

    • Plan
    • Conduct
    • Report, and
    • Follow up an audit of an ISMS to establish conformity (or otherwise) with ISO 27001 and in accordance with ISO 19011 and ISO/IEC 17021, as applicable

What’s included?

    • A copy of the standard ISO 27001:2013
    • Detailed course notes
    • Lunch and refreshments
    • Internationally recognized BSCC Training Certificate