Back to Courses
ISO 55001

ISO 55001: 2024 Internal Auditor Training

  • Introduction to ISO/IEC 27701:2019 and its importance in extending an Information Security Management System to include privacy controls and Personally Identifiable Information (PII) management

  • Understanding the purpose, scope, and structure of internal auditing within a Privacy Information Management System (PIMS)

  • Overview of internal audit principles, including independence, objectivity, evidence-based evaluation, and risk-based thinking

  • Detailed understanding of how ISO 27701 integrates with ISO/IEC 27001 and supports privacy governance

  • Planning internal audits, including defining audit scope, objectives, criteria, frequency, and audit program development

  • Preparing for audits by reviewing documentation, policies, procedures, and applicable legal and regulatory privacy requirements

  • Conducting effective audit activities such as opening meetings, process walkthroughs, interviews, sampling, and observation techniques

  • Evaluating the effectiveness of privacy controls for both PII controllers and PII processors

  • Identifying gaps, nonconformities, risks, and opportunities for improvement within the PIMS framework

  • Applying audit methodologies to assess compliance with organizational policies and privacy requirements

  • Collecting, verifying, and documenting objective audit evidence to support findings

  • Preparing structured, clear, and concise audit reports for stakeholders and senior management

  • Communicating audit results effectively, including nonconformities and recommended corrective actions

  • Managing corrective action processes, including root cause analysis and verification of implementation

  • Conducting follow-up audits to ensure closure of findings and effectiveness of corrective actions

  • Ensuring auditor independence, ethical behavior, and professional conduct throughout the audit lifecycle

  • Supporting continual improvement of the organization’s privacy management system and strengthening data protection maturity

6 lessons
16h estimated
Certificate included
ISO 55001: 2024 Internal Auditor Training