ISO 27001:2013 Internal Auditor Course

In this free online course you’ll learn everything you need to know about ISO 27001, but also how to perform an internal audit in your company. The course is made for beginners in information security and internal auditing, and no prior knowledge is needed to take this course. If you like this course, you can go for the certification exam.

The exam from this course is certified by Exemplar Global (formerly RABQSA). After passing the exam you will receive a certificate proving that you attained Information Security Management Systems and Management Systems Auditing competencies.

The course is organized into 10 modules, where each module has several video lectures and activities that will help you learn more quickly, as well as a practice exam that will prepare you for the certification exam – please see below for the content of each module. All the video lectures are pre-recorded, so you can take the course from anywhere, at any time for your convenience.

  • The total course duration, including the reading of required materials, is approximately 15 hours.
  • Materials provided in the course (video lectures, articles, and activity questions) are everything you need to successfully pass the certification exam.
  • There is no time limit for taking the course, but it is recommended that you finish it within two weeks’ time.
  • The access to this course and to the practice exams is completely free; the fee for the certification exam is US$ 449 – after you pass the exam you’ll receive your certificate in a matter of days.
  • After you purchase the exam, you will receive a bonus PDF containing scripts from all of the video lectures, activity questions, practice exams, and links to additional reading.

Course Curriculum

Introduction
Introduction to the course 04:00:00
Module 1 - Introduction to ISO 27001
Introduction & suggested reading 00:00:00
What is ISO 27001? 01:30:00
The structure of ISO 27001 02:30:00
Information security principles 02:30:00
Introduction to the Information Security Management System 02:30:00
Implementing ISO 27001 requirements 03:00:00
Implementing ISO 27001 as a project 01:30:00
Documenting ISO 27001 requirements 03:30:00
ISO 27001 Benefits 02:30:00
Related documentation 00:00:00
Practice exam 00:00:00
Module 2 - The planning phase
Introduction & suggested reading 00:00:00
Understanding your organization and its context [clause 4.1] 02:30:00
Understanding the needs and expectations of interested parties [clause 4.2] 02:00:00
Determining the scope of the ISMS [clause 4.3] 02:00:00
Leadership and commitment [clause 5.1] 02:00:00
Information Security Policy [clause 5.2] 01:00:00
Organizational roles, responsibilities and authorities [clause 5.3] 02:30:00
Information security objectives [clause 6.2] 02:30:00
Resources [clause 7.1] 02:00:00
Competence [clause 7.2] 01:30:00
Awareness [clause 7.3] 01:30:00
Communication [clause 7.4] 01:30:00
Documented information [clause 7.5] 03:30:00
Related documentation 00:00:00
Practice exam 00:00:00
Module 3 - Risk management
Introduction & suggested reading 00:00:00
Addressing risks and opportunities [clause 6.1.1] 02:00:00
Risk management process [clause 6.1.2] 02:30:00
Information security risk assessment – Risk identification [clause 6.1.2] 03:00:00
Information security risk assessment – Risk analysis and evaluation [clause 6.1.2] 03:00:00
Information security risk treatment [clause 6.1.3] 03:00:00
Statement of Applicability [clause 6.1.3] 02:00:00
Risk treatment plan [clause 6.1.3] 00:30:00
Related documentation 00:00:00
Practice exam 00:00:00
Module 4 - The Do phase
Introduction & suggested reading 00:00:00
Formulating the risk treatment plan [clause 6.1.3] 02:00:00
Implementing the risk treatment plan [clause 8.3] 01:30:00
Operational planning and control [clause 8.1] 02:30:00
Operating the ISMS [clause 8] 01:00:00
Managing outsourcing of operations [clause 8.1] 02:30:00
Controlling changes [clause 8.1] 02:30:00
Risk assessment review [clause 8.2] 02:00:00
Related documentation 00:00:00
Practice exam 00:00:00
Module 5 - The Check and Act phases
Introduction & suggested reading 00:00:00
Monitoring, measurement, analysis, and evaluation [clause 9.1] 04:00:00
Internal audit [clause 9.2] 01:30:00
Management review [clause 9.3] 03:00:00
Nonconformities and corrective actions [clause 10.1] 04:30:00
Continual improvement [clause 10.2] 02:30:00
Related documentation 00:00:00
Practice exam 00:00:00
Module 6 - Annex A – Control objectives and controls
Introduction & suggested reading 00:00:00
Introduction to Annex A – Reference control objectives and controls 02:30:00
Structure of Annex A 04:00:00
Information security policies [A.5] 02:00:00
Organization of information security [A.6] 02:30:00
Human resources security [A.7] 01:30:00
Asset management [A.8] 02:30:00
Access control [A.9] 02:00:00
Cryptography [A.10] 02:00:00
Physical and environmental security [A.11] 03:00:00
Operational security [A.12] 03:30:00
Communications security [A.13] 04:00:00
System acquisition, development and maintenance [A.14] 04:30:00
Supplier relationships [A.15] 02:30:00
Information security incident management [A.16] 03:30:00
Information security aspects of business continuity management [A.17] 03:00:00
Compliance [A.18] 03:00:00
Related documentation 00:00:00
Practice exam 00:00:00
Module 7 - Introduction to the internal audit
Introduction & suggested reading 00:00:00
Internal vs. external audit 01:30:00
The main purpose of the internal audit 01:30:00
Requirements of ISO 27001 03:30:00
Criteria for selecting the internal auditor 02:00:00
The audit findings 01:30:00
Nonconformities 02:00:00
Observations 01:30:00
Major and minor nonconformities 00:30:00
Definition of major nonconformity 03:30:00
ISO 19011 00:30:00
Related documentation 00:00:00
Practice exam 00:00:00
Module 8 - Organizing the internal audit
Introduction & suggested reading 00:00:00
Organizing the internal audit 01:30:00
Internal audit procedure 02:30:00
Annual audit program 04:30:00
Audit plan for an individual audit 03:00:00
Related documentation 00:00:00
Practice exam 00:00:00
Module 9 - Internal audit elements
Introduction & suggested reading 00:00:00
Internal audit elements 03:00:00
Document review 03:00:00
Creation of the checklist 03:30:00
Internal audit report 01:30:00
Corrective action requests 01:00:00
Corrective action follow-up 01:00:00
Related documentation 00:00:00
Practice exam 00:00:00
Module 10 - The main audit
Introduction & suggested reading 00:00:00
Auditor assumptions 01:30:00
Techniques for finding evidence 04:30:00
Sampling the records 01:30:00
Recording the evidence 02:00:00
Interviewing techniques 04:00:00
Related documentation 00:00:00
Practice exam 00:00:00
Instructions for taking the exam and obtaining the certificate 00:00:00

Benefits of getting the certificate

The certificate of competence proves that you attended the eTraining course and that you passed the exam certified by Exemplar Global (formerly RABQSA). This ensures that you understand and can apply the knowledge you gained in each of the course's modules.

How to get certified?

It's simple:
1) Watch complete videos of all lectures, and answer all practice exams.
2) Pass the online certification exam.

Course Script

If you decide to purchase the exam you will get the PDF script from the course completely free. The script includes everything said in the videos and all activity questions as well as practice exams.

This way, you can access course materials any time you like, making it much easier to practice and prepare for the exam.

Course Reviews

  1. Great course !

    Very clear, concise and precise. The format is perfect to learn quickly and Advisera team is really reactive. Thanks Guys.

    5
  2. Excellent well structured course

    Brilliant – I like the short modules with follow-up practical questions, reinforcing the learning. Excellent, thank you.

    5
  3. Passed the internal audit exam

    Big thanks to Advisera, all the training modules were intuitive and easy to understand. Doing the certification forces you to really go over each module and understand it well. I am sure if I didn’t force myself to pay for the certificate I wouldn’t have learnt the course as well as I did.

    I would recommend anyone doing this course or working in this industry to purchase the certificate and book the exam 3 or 4 weeks later. That way it will force you to spend time going through each module and the practice exams. Without doing this I believe it's too easy to skim over the modules without learning them properly.

    5
  4. Great material provided with a great teaching approach.

    M Dejan Kosutic, is knowledgeable on the subject matter and provides clear examples and instructions that greatly facilitated learning. I’ve been recently certified as ISO27001 Lead Implementor but if I knew this course before, I would have used the first part as training material!
    Here is the icing on the cake: all this for free (if you don’t need the certificate)!
    As I don’t really need it I felt a bit ashamed of not retribute his work so, at least, I wanted to thank him and this website deeply through this review but I am keen to stress that I mean each word!

    5
  5. Reg: Video

    I am not able to access video.
    File has been removed.
    Kindly upload it

    1
  6. ISO 27001

    THANK YOU!

    5
  7. Very well structured, to the point and excellent value.

    I found this course to be a great knowledge source for all who need more about information security and ISO systems in general. It’s informative, practical, interesting and connected to real world examples.

    5
  8. ISO 27001 internal Audit

    Excellent presentation given by a gentleman that knows his material.

    The only negative thing I would like to add, is that it would be nice to be able to get these presentations via text, basically everything that is said and displayed during the presentation, would be very helpful to be able to read it all, since that is the way I learn better

    4
  9. Nice Course

    Good Course with nice video tutorials

    5
  10. Very good

    Some questions under the videos are not in line with the tutors’ videos. That is VERY confusing. I followed the tutor as the correct source and not the Q&A.
    In general a very good program

    4
  11. Review of ISO27001 Internal Auditor Course

    The course is well structured, very easy language and supported by good examples. Not boring at all.
    Thanks for good work.

    5
  12. Well structured

    The course is well structured and the language is very easy to understand.

    Well done

    5
  13. ISO27001 Internal Audit Course

    Very good course indeed, Congratulations for your work.
    As a suggestion, I should put a small text explaining what is the goal of the video on each page and links to your articles when necessary.

    5
  14. ISO27001 Internal Audit Course

    Excellent and complete course to ISO 27001 Internal Auditor.
    Very helpful and clear.
    I recommend it for all those who want to go a step (or more) further to the Foundations Course.
    Thanks!

    5
  15. ISO27001 Internal Audit Course

    Provided an excellent introduction to ISO 27001 which supported the later stages of the course on internal auditing. As an already qualified ISO9001 lead auditor I already had the framework for internal auditing, but even so found the course extremely useful, and was comparable in content to some classroom courses I have attended

    5
  16. ISO 27001:2013 Internal Auditor

    The structure and content of the course are very well thought out. I found the course easy to follow and clear.

    5
  17. ISO 27001:2013 Internal Auditor Course

    The explanations are very clear and objective.

    5
  18. ISO 27001:2013 Internal Auditor Course

    Very informative course.

    4
  19. Very helpful, clear and explicit content. Thanks

    5
  20. Informative, Targeted and Detailed

    This is a great course, it is easy to understand and is extremely detailed. Support is also intuitive and helpful. Keep up the great work.

    5
  21. Helpful and targeted

    It was both easy to understand and comprehensive.
    It would be even more helpful if such a course also for more detailed risk management based on ISO 27001 and related standards in combination with this one exist.
    I also should thank support team for their quick response in case of problems! I made contacts 2 times and they were ready to answer within few seconds.

    5
  22. Loved this free course.

    This was a very helpful course for me, clear and precise. Along with Advisera very good articles and Dejan ebooks it gave me a very good understanding of the ISO 27000/22301 landscape and then a first overview of the internal audit purpose. Thank you Dejan for this great work!

    5
  23. Shrikanth Hosur

    One of the best courses I have attended so far. Nuggets from Dejan’s experience and to the point and no nonsense kind of explanation has given me rich experience to upgrade myself. Thanks Dejan and team for all the hard work they have put in to chart this online course and other materials. Best wishes. God bless.

    5
  24. ISO27001

    The course is very good and easy to understand and just complete the course now.

    Great job Dejan.

    Freddy Ntwari

    5
  25. ISO 27001

    This is an absolutely great work and a huge contribution as well. I keep placing my fingers on and off the keyboard because I don’t know what to write – I am honestly short of words.

    Thank you Dejan.

    5
  26. Introduction

    course is in two parts, the second is about internal auditor

    5
  27. Clear and excellent course

    Thanks! A very useful course

    5
  28. thanks a lot for this enriching information for free enjoyed and learned a lot from it to take a my career to the next level

    ISO 27001 INTERNAL AUDIT is the study on interest for me will be coming back for more cheers

    5
  29. It's really worth

    Thanks Dejan! This course is very useful for me.

    #GoAlone

    5
  30. well simplified and explained in detail.

    5
  31. Blown away with the level of details in a very good and clear English...

    I usually do not leave feedbacks, but for this course I just could not hold myself back. Dejan has done a great job in explaining all the sections of 27001 in a very precise and clear to understand english. Anyone who wants to understand what 27001 is, I bet you are not going to find anything like this. This is hands down the best online zero cost tutorial and beats the ones where there is a cost associated.

    Kudos Dejan for such a great job!!

    5
  32. Internal auditor course ISO27001

    For those who are interested in ISMS, it’s the best course, presented in a very beautiful and clear English
    I appreciated

    5
  33. Excellent Course

    This course is very useful!
    Thanks Dejan.

    5
  34. Very good Internal Audit Course

    The course is very good and easy to understand but I am still follow up .

    Great job Dejan.

    Freddy Ntwari

    5
  35. Excellent Internal Audit Course

    The course was excellent and free
    Thank you.
    Leonardo Miljko

    5
  36. Excellent.
    Excellent.

    5
  37. Internal Audit Course

    Great job by Dejan.

    5

Frequently Asked Questions

No, you can attend the course as long as you like; however, you should try to finish it in a couple of weeks because otherwise, you won’t get enough benefits out of it.

You can access it any time – the course is a combination of recorded video lectures, quizzes, reading, and other activities, and because all those materials are readily available, you can access them at a time that is convenient for you.

None. The course was made in such a way that a beginner in this topic can easily understand it.

Well, we have to make money somehow :). We have made most of the course freely available, but to access the exam and get the certificate you’ll have to pay a fee – by the way, this fee is by far smaller than the fee for attending the classroom-type course. Additionally, when you pay for the certificate, you will be able to download a PDF containing scripts from all of the video lectures, activity questions, practice exams, and links to additional reading. This way, you can access the content from the course and prepare for the exam much more easily.

The exam, as well as the whole course, is completely done online, from your office, your home, or any other place convenient for you. For the exam we use an online proctoring service – click here to learn more.

After you finish attending the course, you can go for the exam – if you finish this exam successfully, i.e., if your score is above the minimum, then you will receive the certificate. By the way, during the exam we use an online proctoring service that will ask for proof of your identity, and make sure that you have taken the exam with no external help. Click here to learn more about online proctoring.

The course is a combination of recorded video lectures, quizzes, reading, and other activities – the course takes you through all these materials in an optimal way.

You can access the course using your PC, Mac, or mobile device, using any major browser (i.e., Chrome, Mozilla, Internet Explorer, Safari); a broadband Internet connection will also be needed. And, of course, enough time to attend the course.

The materials provided in the course – recorded video lectures, quizzes, reading, and other activities – are everything you need to successfully pass the exam and obtain the certificate. The best part is: they are completely free with unlimited access!

If you decide to purchase the exam, you will receive a bonus PDF containing scripts from all of the video lectures, activity questions, practice exams, and links to additional reading. This way, you can prepare for the exam much more easily.


  • Advisera is Exemplar Global Certified TPECS Provider for the IS, QM, EM and AU Competency Units.

  • ITIL® is a registered trade mark of AXELOS Limited. Used under licence of AXELOS Limited. All rights reserved.

  • DNV GL Business Assurance is one of the leading providers of accredited management systems certification.