ISO 27001:2022 Auditor Training

Develop the expertise to conduct effective internal audits of ISO/IEC 27001 information security management systems. Self-paced online training with practical resources and certification.

Exemplar Global Accredited | 100% Online | Exam & Certificate Included


USD 545.00

  • 5+ Courses: 10% Discount
  • 10+ Courses: 20% Discount
  • 50+ Courses: 30% Discount

30-Day Money-Back Guarantee

About This Course

Duration: 16 hours

An ISMS audit isn't like auditing a quality system. You're not just checking whether procedures are followed – you're verifying that information assets are genuinely protected, that controls are working as designed, and that risks identified on paper are actually being managed in practice. That takes an auditor who understands both the 93 controls and how to gather evidence in an information security context.

This online Auditor training builds that capability. You'll learn how to interpret ISO/IEC 27001:2022 requirements from an auditor's perspective, evaluate controls across all four categories (Organizational, People, Physical, Technological), assess risk treatment plans, and document findings that drive real security improvements. Through a structured curriculum combining theoretical knowledge with practical application, you'll develop the competence to audit information security management systems against ISO/IEC 27001:2022.

The course is delivered entirely online and is self-paced, allowing you to progress through the material according to your own schedule. Upon successful completion, you will receive a certificate documenting your training as an ISO/IEC 27001 Auditor.

Enroll Risk-Free
Access the full course today, and if you're not satisfied within 30 days, get a full refund – no questions asked.

What Makes an Effective ISMS Internal Auditor

An effective internal auditor does more than check compliance boxes. They help their organization identify improvement opportunities and strengthen information security. A competent ISO/IEC 27001 auditor must be able to:

  • Interpret ISO/IEC 27001:2022 requirements and controls – understand what each of the 93 controls looks like in practice and how to verify they're effectively implemented, not just documented
  • Plan risk-based audits – develop checklists that focus on the organization's actual threat landscape rather than generic compliance questions
  • Gather objective evidence in an ISMS context – interview system administrators, review access logs, inspect configurations, and test controls rather than relying on documentation alone
  • Identify and classify nonconformities – distinguish between minor documentation gaps and control failures that expose the organization to genuine risk
  • Write findings that drive action – communicate audit results in terms that make sense to both IT teams and senior management, so corrective actions actually get implemented

This course develops these capabilities through structured lessons, practical examples, and audit resources you can apply immediately in your organization.

Course Content

The training is organized into ten focused sessions that build your knowledge progressively. Sessions include:

  • Audio-visual lectures:  Each session includes narrated presentations that explain concepts clearly.
  • Session assessments:  Each session concludes with a quiz to confirm your understanding before progressing.

Session 1:  Overview of ISO/IEC 27001:2022 Information Security Management System

An introduction to ISO/IEC 27001 and the 2022 revision – its purpose, scope, and importance for information security. Understand what an ISMS is, why certification matters, and how the 2022 version differs from the 2013 version.

What you'll learn:  The role of ISO/IEC 27001 in information security, the key changes in the 2022 revision, and what these changes mean for how you'll audit going forward.

Session 2:  ISO/IEC 27001:2022 Requirements

A comprehensive clause-by-clause review of the ISO/IEC 27001:2022 standard. You will examine each requirement in depth, understanding what constitutes acceptable evidence of conformity in an information security context.

What you'll learn:  Detailed understanding of ISO/IEC 27001 requirements and how to evaluate conformity during an internal audit.

Session 3:  ISO/IEC 27001:2022 ISMS Controls

A detailed examination of all 93 controls organized into 4 categories: Organizational, People, Physical, and Technological. Learn about the 11 new controls introduced in the 2022 revision, including threat intelligence, cloud security, and secure coding.

What you'll learn:  How to audit each control category and verify that controls are effectively implemented.

Session 4:  Documented Information

A focused examination of documented information requirements for ISMS. Learn the distinction between documents and records and what documentation is typically required for ISO/IEC 27001 compliance.

What you'll learn:  How to verify that ISMS documentation is properly maintained and controlled.

Session 5:  Risk Management

Risk assessment and treatment are core to ISO/IEC 27001. This session covers the risk management process, including identifying information assets, assessing threats and vulnerabilities, determining risk levels, and evaluating risk treatment plans.

What you'll learn:  How to audit risk management processes and verify that risk treatment is appropriate and effective.

Session 6:  ISMS Internal Audit Process

This session introduces the complete internal audit cycle, from planning through follow-up. Learn audit methodologies, how to prepare for an ISMS audit, and how to conduct audit activities professionally.

What you'll learn:  How to plan and conduct internal audits of information security management systems.

Session 7:  ISMS Internal Audit Records

Audit proceedings and findings must be properly documented. This session covers audit preparation documentation, evidence gathering, audit reporting, and completion with follow-up activities including nonconformity reports.

What you'll learn:  How to document audit activities and maintain records that demonstrate compliance.

Session 8:  Terms and Definitions

Clear understanding of ISMS terminology is essential for effective auditing. This session defines key terms used in ISO/IEC 27001 and information security management.

What you'll learn:  The vocabulary of information security auditing and how to apply terms correctly during audits.

Session 9:  Steps for ISO/IEC 27001:2022 Installation and Certification

This session examines the complete implementation pathway, from initial gap analysis through certification audit. Understanding this process helps auditors provide valuable insights during internal audits.

What you'll learn:  How organizations implement ISO/IEC 27001 and how internal audits support the certification process.

Session 10:  Climate Action Changes – New Amendments (2024)

This session covers the latest amendments to ISO/IEC 27001 regarding climate action. Understand how climate change considerations are now integrated into the ISMS framework and what auditors need to verify.

What you'll learn:  The 2024 climate action amendments and their implications for ISMS audits.

Course Materials

The course provides comprehensive resources that support learning and serve as valuable references:

  • Handouts:  150+ pages of downloadable PDF materials covering all ten sessions.
  • Audit checklist:  400+ audit questions organized by ISO/IEC 27001 clause and control category. Use it for the final exam and adapt it for audits of your own organization.

Who Should Take This Course

This training is designed for individuals who need to participate in or support internal audits of information security management systems. Typical participants include:

  • Staff appointed to the ISO/IEC 27001 internal audit team
  • IT and information security professionals seeking to understand ISMS audit practices

The course is appropriate for those new to auditing as well as experienced professionals seeking to update their knowledge of ISO/IEC 27001:2022.

Note:  If you need to lead audit teams, plan audit programs, or conduct third-party audits, the ISO 27001 Lead Auditor Training is a better choice.

Examination

The training program includes session exams and a comprehensive final examination. The assessments are in multiple-choice format and are designed to verify your understanding of the course material. To pass, you need a score of 60% or higher. If you do not pass on your first attempt, you may retake any exam at no additional charge.

Certificate of Completion

Graduates receive a Certificate of Completion bearing the Exemplar Global accreditation mark. This certificate documents successful completion of ISO/IEC 27001 Auditor training and the final examination.

Certificates are issued in digital format upon passing the final examination. You may download, add to LinkedIn, and print your certificate directly from your course dashboard.

Enrolling Your Audit Team

Training multiple internal auditors for your ISO/IEC 27001 information security management system? Our platform makes it simple to purchase multiple seats and manage enrollment across your organization.

  1. Select the number of learners using the quantity selector and click “Enroll.” Volume discounts are automatically applied.
  2. Designate a course manager during checkout and complete your purchase.
  3. Your course manager has 12 months to enroll the team from the manager dashboard. Each auditor then gets 3 months of access to complete the self-paced training and exam on their own schedule.

Whether you’re training one internal auditor or building a team to cover your entire ISMS scope, the manager dashboard gives you oversight of every learner's progress.

What's Included

Course access, materials, certificate plus manager dashboard for bulk enrollment.

Self-paced learning – fit the 16-hour program into your schedule without disrupting business.

Instructor access and technical support whenever you need assistance.

30-Day Money-Back Guarantee – enroll risk-free.

Instant access after enrollment with 3 months to complete.

Learn on any device – Windows, Mac, iOS, or Android.

Average Rating: 4.6 (328 ratings)

  • 5 stars: 65%
  • 4 stars: 35%
  • 3 stars: 0%
  • 2 stars: 0%
  • 1 star: 0%

Michael Brown

Australia
Reviewer Rating 5 Stars, 18 May 2025

Clear and practical. Loved the handouts—150 pages is no joke, but they're well-organized and I still refer back to them when preparing reports. Icons like ...

Kevin Murphy

Australia
Reviewer Rating 4 Stars, 26 November 2025

All those annex controls... it's quite a lot to memorize, and even to understand first. Luckily we can go back and repeat lessons as ...

Why This Auditor Training Stands Out

2022 Standard

Covers the 2022 Revision
Includes all 11 new controls and the restructured control categories – you're learning the current standard, not the 2013 version.

Audit Focus

Practical Audit Techniques
Learn how to audit controls in practice – not just what the standard says, but what evidence to look for and what questions to ask.

Checklists

400+ Audit Questions
Includes clause-wise and control-wise checklists you can adapt for audits of your own organization.

Self-Paced

Fit Learning Around Audits
Self-paced format means you can study between audit assignments without falling behind.

Frequently Asked Questions

How long do I have access to the course materials?

Once enrolled, you have 3 months of access to the course content (can be extended upon request). During this time you can complete the training at your own pace and return to review materials whenever you need to refresh your knowledge.

Course access ends upon successfully completing the final exam.

What's the difference between ISO 27001 Auditor and Lead Auditor training?

Auditor training prepares you to participate in internal audits as a team member, covering audit fundamentals and techniques.

Lead Auditor training covers additional competencies required to plan audits, lead audit teams, and manage the entire audit program.

Auditor certification is ideal for those beginning their auditing career or contributing to internal audit programs.

What's new in ISO/IEC 27001:2022 compared to the 2013 version?

The 2022 revision introduced 11 new controls and reorganized all 93 controls into 4 categories: Organizational, People, Physical, and Technological. Key additions include threat intelligence, information security for cloud services, ICT readiness for business continuity, and secure coding.

The course covers all these changes in detail, ensuring you can audit against the latest requirements.

Does this course cover the 2024 Climate Action amendments?

Yes. The course includes a dedicated session (Session 10) on the Climate Action Changes amendments (2024) to ISO 27001, ensuring your knowledge is current with the latest standard requirements.

Can I use the audit checklists in my own organization?

Yes. The 400+ question audit checklist provided with the course is designed to be a practical tool that you can customize and use for internal audits within your organization. It covers both clause-wise and control-wise questions.

What are the prerequisites for this course?

There are no formal prerequisites except the ability to understand English. Basic knowledge of ISO management systems and interest in information security are advantageous but not required.

Can I try this course before buying it?

While we don't have a sample version available, you can try the entire course without risk! Your purchase includes our comprehensive 30-Day Money-Back Guarantee.

Can we purchase this course for multiple auditors?

Yes. Bulk enrollment is available and volume discounts apply automatically. Use the quantity selector on this page or contact us for larger groups. A manager dashboard lets you enroll your audit team from one central dashboard.

How does bulk enrollment work for team purchases?

When you purchase multiple seats, you can designate a course manager during checkout. The manager has 12 months to enroll the team from the dashboard, and each auditor then gets 3 months of access to complete the self-paced training and exam on their own schedule.

Trusted by Information Security Professionals

Our ISO 27001 courses are used by organizations worldwide to build competent internal audit teams capable of assessing information security controls against the latest standard requirements. Enroll risk-free with our 30-Day Money-Back Guarantee.

Our Clients Include

  • Air France
  • Braun
  • Bangkok Bank
  • Leica
  • Nescafe
  • Bertolli
  • Saab
  • Amari Hotels
  • Peugeot