Information Security Auditing

This course gives participants an in-depth understanding of the fundamentals for auditing an information security management systems based on ISO 27001 standards.


Upon completion of the course participants will be able to:

  • understand the challenges of auditing an information security management system based on ISO 27001 standards
  • implement an auditing program for ISMS
  • conduct ISMS audits


  • The guide for the audit of management systems: ISO 19011
  • The ISMS audit process
  • Roles and responsibilities
  • Selection and assessment of auditors
  • Planning and implementation of an audit program
  • Conducting a single audit (preparation, on-site, documentation, audit report, follow-up)
  • Audit methods
  • The on-site audit session: * Conversation methods * Escalation procedures
      • Assessment of findings: conformity, effectiveness and efficiency
  • Simulation of audit sessions: * Auditing the documentation * Conducting on-site audits (participants are once auditors, once employees of the audited organisation) * Preparation of an audit report, Tipps and tricks from the practice
  • Mutual exchange of experience

Target group

  • Information Security Management
  • Information Security Risk Management
  • Information Security Audits
  • IT Security
  • IT Security Risk Management
  • Information Security Audits
  • (Internal) Audits
  • Compliance

At a glance

  • Form of learning: Classroom training
  • Location: Munich Airport
  • Language: English


On request

Duration: 2 days


1.800,- € plus 19% VAT

Price includes event attendance, food and drinks during the event.


  • ISH - Information Security Hub

  • Street Südallee 1 
  • Zip code / City 85356   Munich Airport


Team International Training

AirportAcademy - Munich Airport