ISO 27001: 2022 Internal Auditor Course
Training Overview
Description of Training
Introduction
Introduction to the course (4:07)
Module 1 - Introduction to ISO 27001
Introduction & suggested reading
What is ISO 27001? (1:32)
The structure of ISO 27001 (2:34)
Information security principles (2:51)
Introduction to the Information Security Management System (2:57)
Implementing ISO 27001 requirements (3:03)
Implementing ISO 27001 as a project (1:34)
Documenting ISO 27001 requirements (3:55)
ISO 27001 Benefits (2:44)
Certification FAQs (2:59)
Related documentation
Recap quiz
Module 2 - The planning phase
Introduction & suggested reading
Understanding your organization and its context [clause 4.1] (2:34)
Understanding the needs and expectations of interested parties [clause 4.2] (2:04)
Determining the scope of the ISMS [clause 4.3] (2:16)
Leadership and commitment [clause 5.1] (2:11)
Information Security Policy [clause 5.2] (1:29)
Organizational roles, responsibilities and authorities [clause 5.3] (2:42)
Information security objectives [clause 6.2] (2:43)
Resources [clause 7.1] (2:05)
Competence [clause 7.2] (1:38)
Awareness [clause 7.3] (1:40)
Communication [clause 7.4] (1:44)
Documented information [clause 7.5] (3:44)
Related documentation
Recap quiz
Module 3 - Risk management
Introduction & suggested reading
Addressing risks and opportunities [clause 6.1.1] (2:08)
Risk management process [clause 6.1.2] (2:38)
Information security risk assessment – Risk identification [clause 6.1.2] (3:25)
Information security risk assessment – Risk analysis and evaluation [clause 6.1.2] (3:13)
Information security risk treatment [clause 6.1.3] (3:27)
Statement of Applicability [clause 6.1.3] (2:17)
Risk treatment plan [clause 6.1.3] (0:52)
Related documentation
Recap quiz
Module 4 - The Do phase
Introduction & suggested reading
Formulating the risk treatment plan [clause 6.1.3] (2:26)
Implementing the risk treatment plan [clause 8.3] (1:32)
Operational planning and control [clause 8.1] (2:51)
Operating the ISMS [clause 8] (1:27)
Managing outsourcing of operations [clause 8.1] (2:33)
Controlling changes [clause 8.1] (2:29)
Risk assessment review [clause 8.2] (2:08)
Related documentation
Recap quiz
Module 5 - The Check and Act phases
Introduction & suggested reading
Monitoring, measurement, analysis, and evaluation [clause 9.1] (4:04)
Internal audit [clause 9.2] (3:05)
Management review [clause 9.3] (3:15)
Nonconformities and corrective actions [clause 10.1] (4:33)
Continual improvement [clause 10.2] (2:37)
Related documentation
Recap quiz
Module 6 - Overview of Annex A
Introduction & suggested reading
Introduction to Annex A (5:18)
People controls (2:05)
Physical controls (3:37)
Technological controls – overview and new controls (4:13)
Technological controls – software development (2:51)
Technological controls – operational security (4:48)
Organizational controls – policies and responsibilities (3:22)
Organizational controls – information and asset management (1:52)
Organizational controls – operational security (2:43)
Organizational controls – supplier security (3:14)
Organizational controls – incidents and business continuity (4:52)
Organizational controls – compliance, privacy, and legal aspects of security (2:49)
Related documentation
Recap quiz
Module 7 - Introduction to the internal audit
Introduction & suggested reading
Internal vs external audit (2:06)
The main purpose of the internal audit (1:31)
ISO Requirements for internal audits (2:14)
Criteria for selecting the internal auditor (1:37)
The audit findings (1:30)
Nonconformities (2:09)
Observations (1:50)
Major and minor nonconformities (3:57)
Related Documentation
Recap quiz
Module 8 - Organizing the internal audit
Introduction & suggested reading
Organizing the internal audit (1:08)
Internal audit procedure (1:56)
Annual audit program (3:48)
Audit plan for an individual audit (1:52)
Related Documentation
Recap quiz
Module 9 - Internal audit elements
Introduction & suggested reading
Internal audit elements (2:36)
Document review (2:02)
Creation of the checklist (3:01)
Internal audit report (1:29)
Corrective action requests and corrective action follow-up (2:00)
Related Documentation
Recap quiz
Module 10 - The main audit
Introduction & suggested reading
Auditor assumptions (1:24)
Techniques for finding evidence (2:54)
Sampling the records (1:35)
Recording the evidence (2:22)
Interviewing techniques (4:05)
Remote audits (1:50)
Auditing integrated management systems (2:02)
Related Documentation
Recap quiz
Instructions for taking the exam and obtaining the certificate
Related documentation