Conducting ISO 27001 Internal Audits

Everything You Need to Know about
Auditing ISO 27001 Processes and Controls
in 4 Insightful Webinars from URM

Internal audits play an absolutely critical and pivotal role in ensuring that your ISO 27001 information security management system (ISMS) is functioning correctly and that your key processes and information security controls are working as intended.  But, how do you get the most from your ISO 27001 internal audits?  URM has developed a series of 4 webinars which cover all aspects of planning, preparing, delivering, reporting and following up ISO 27001 audits.

By watching these webinars, you will gain invaluable practical advice from one of the UK’s leading ISO 27001 consultancy and auditing organisations, which has been involved in hundreds of ISO 27001 implementations and thousands of ISO 27001 audits.

Webinar 1
ISO 27001 Internal Auditing, the 6 Pillars of Success

In this first webinar, we provide an overview of the key components of developing, delivering and following up ISO 27001 internal audits:

  • Planning your ISO 27001 audit programme
  • Preparing for each audit
  • Conducting your audit
  • Audit reporting
  • Following up audit findings
  • Closing down the audit.

To access this webinar, click here

Webinar 2
Planning Your ISO 27001 Audit Programme

Here, you will receive invaluable advice on the critical foundation steps when planning your audit programme.  Watching this webinar will help you:

  • Sell the benefits of your ISO 27001 internal audit programme to senior management
  • Determine audit methodology to ensure consistency
  • Scope and prioritise your audits
  • Set the criteria against which audits will be conducted
  • Determine auditor competence.

To access webinar, click here

Webinar 3
Preparing for and Conducting ISO 27001 Internal Audits

In this webinar, URM provides advice and guidance on the steps you should take in preparing for and conducting ISO 27001 internal audits.  Watching this webinar will help you prepare for audits by providing hints and tips on:

  • Appointing auditors and gaining management commitment
  • Defining objectives, scope and criteria
  • Reviewing previous reports and templates.

The webinar also provides practical guidance on conducting audits, focussing on:

  • Conducting opening meeting
  • Collecting evidence
  • Interview techniques
  • Sampling approaches.

To access this webinar, click here

Webinar 4
How to Report on and Follow Up ISO 27001 Audits

In this final webinar of the series, URM provides advice and guidance on closing your ISO 27001 internal audits and how to report your findings, e.g., how to identify major and minor nonconformities (NCs), opportunities for improvement (OFIs) and observations (OBS’).  The webinar covers:

  • Classification and examples of findings and where and when to report major and minor NCs, OFIs and OBS’
  • Closing an audit meeting and what to include (and not) in your wrap up with auditees
  • Reporting of findings, e.g., what reports should include and what evidence is required
  • Following up audit findings, inc. how to maximise opportunities for improvement, corrective actions and conducting root cause analyses.

To access this webinar, click here


Please note, we can only process business email addresses.

Very concise webinar giving some interesting thoughts on transition etc. and guidance on preparation for transition.
Webinar 'ISO 27001:2022 – What’s new?'