Log In Register Verify
tiktok video download

Internal Auditor

Internal Auditor Training


ISO 9001:2015 Quality Management System (QMS)

This training helps understand the entire QMS structure, documentation in detail, which forms the organization QMS. It also explains the entire ISO 9001:2015 clauses in detail and their applicability at the process level. The participants are taken through various exercises to interpret the clauses for the given situations. They are also explained how to take corrective & preventive action and are introduced to the QMS documentation structure.


ISO 14001:2015 Environmental Management System (EMS)

Workshop Overview:


    On successfully completing the course, students will be able to:
  • Understand the ISO 14001 standard.
  • Understand key environmental issues.
  • Plan an audit against a set of audit criteria.
  • Successfully execute an environmental management systems audit.
  • Identify strengths and weaknesses of an EMS.
  • Create clear, concise and relevant audit reports.
  • Communicate your report to relevant personnel and management.
    The course uses a mixture of taught sessions, discussions and practical exercises to achieve its aims. The practical exercises are based upon a fictional company. However, the procedures, work instructions and data are typical and could relate to many different enterprises equally. The practical exercises have been carefully designed to focus upon issues that commonly arise during EMS audits.

A prior knowledge of the requirements of ISO 14001 and a general understanding of environmental issues and related subjects would be beneficial, but not essential


ISO 20001:2011 Information Technology Service Management (ITSM)

Workshop Overview:

By conducting effective internal audits, you can ensure that your organization’s IT service management system continually improves and achieves its full potential. Based on ISO/IEC 20000-1:2011 and ISO 19011:2002, this two-day course will guide you through the IT service management internal audit process, from planning and performing the audit to reporting the findings and taking corrective action. During the training, you will develop your auditing skill by taking part in practical exercises, role-playing activities and group workshops. You will also learn how to customize the internal audit framework to suit your organization, and that you can integrate ISO 20000-1:2011 audits with other management systems, such as ISO 9001:2008.

Who should attend?
Individuals interested in monitoring the effectiveness of their organization’s ITSMS implementation and those who want to be ISO/IEC 20000-1 internal auditors.

What will I learn in the training?

    Upon completion of the training, you will be able to:

  • Identify the principles of auditing and auditor responsibilities
  • Plan an internal audit for an ISO 20000-1 IT service management system
  • Conduct informal opening and closing meetings
  • Conduct an audit based on good process identification, sampling and questioning
  • Provide verbal and written feedback
  • Construct and document concise nonconformities
  • Report the audit effectively
  • Follow up on corrective actions

Learning objectives

    Upon completion of the training, you will be able to:

  • Identify the principles of auditing and auditor responsibilities
  • Plan an internal audit for an ISO 20000-1 IT service management system
  • Conduct informal opening and closing meetings
  • Conduct an audit based on good process identification, sampling and questioning
  • Provide verbal and written feedback
  • Construct and document concise nonconformities
  • Report the audit effectively
  • Follow up on corrective actions

ISO 22301:2012 Business Continuity Management Systems (BCMS)

Workshop Overview:

3 days course (3 Day coursework including 2 1/2 hour 100-questions MCQ examination)

Course Description
This course primarily equips individuals to audit BCM readiness using the ISO22301 standard as an internal (first, second and third party) auditor. This course is also relevant to any financial or IT auditors responsible for BCM. A BCM-ready business is highly regarded and prized as a supplier, largely because this company is deemed a reliable and sustainable partner for both the short and long haul. Becoming BCM-ready is a process businesses providing essential services to others cannot ignore, whether required as part of legal obligations stipulated in request for proposal (RFP)/ tender, or it is part of the corporate culture and ethos of the supplying organization. BCM Institute’s BCM-8031 internal audit course provides the audit framework that enables companies to develop and enhance their audit capabilities so as to meet its business requirement. This is primarily achieved through the equipping of internal auditors and Organization BCM Coordinators with the requisite skills, tools and knowledge to plan, control and eventually lead BCM-related audits in accordance with the requirements of ISO 22301 Standard.

    • The 3 day course would cover the following topics, which the participants should be able to master by the following:

    • Have in-depth understanding of the fundamentals for Business Continuity Management with alignment to ISO22301.
    • Learn the principles and practices of internal audit for a Business Continuity Management System (BCMS).
    • Walkthrough the entire audit process of people, policies and processes from managing an audit program, controlling audit activities to reporting on audit results.
    • Able to interpret and understand the framework and audit requirement of the ISO 22301 BCM standard.
    • Understand the function and purpose of ISO 22301, the BCM values and standards required of the company and its executives.
    • Review the leadership and management commitment for the Business Continuity Management System (BCMS).
    • Translate the requirements of ISO 22301 into a program for auditing BCM within the company.
    • Understand the Element of BC Program or BCM planning methodology with the ISO 22301, their risks and controls.
    • Highlight the principles and practices for performing an internal audit of the BCM program and/or BCM System.
    • Equip skill, knowledge and tools to plan, control and manage internal audits.
    • Report results to the company’s BCM Steering Committee and/or Executive Management about the compliance to practices, or any shortfall.

Who should attend?

  • Internal and external auditors conducting BCM audits.
  • Financial and IT auditors performing BCM compliance or regulatory audits.
  • Consultants performing first, second and third party audit for clients.
  • Any professionals assigned to audit or review the BCM policies & activities based on the ISO22301 standard.
  • Employees or consultants in EHS, Security, HR, IT, Risk & Compliance functions and are new to ISO22301 and BCM.
  • You are a business partner or service provider of essential services to any organization of which the disruption of such a service provided by you would be of catastrophic consequences to that organization.

The Business Continuity Certified Auditor or BCCA certification is awarded to participants who successfully completed their BCCA examination. This qualification is based on the applicant’s BCM skill and work experience, and is awarded by BCM Institute’s Certification & Review Committee comprising industry practitioners and subject matter experts.
This course incorporates a 100 Multiple Choice Question electronic exam on the third day. Candidates who achieve with a passing score of 70% or higher are eligible to apply for the BCM Institute’s Business Continuity Certified Auditor or BCCA accreditation.


ISO 27001:2013 Information Security Management Systems (ISMS)

Workshop Overview:

On successfully completing the course, delegates will be capable of performing effective internal audits of a company’s information security management systems and reporting the outcome. They will be able to audit a company’s information security management system and determine whether or not it meets the requirements of the relevant audit criteria. The course covers details of the requirements of ISO/IEC 27001:2013 and auditing requirements as per ISO 19011:2011).

    At the conclusion of this course delegates will have been provided with:

  • An understanding of the structure of the standard
  • An understanding of the underlying philosophy and the principles, concepts and requirements of information Security and how to apply them within an audit context
  • An appreciation of the importance of controlling Information Security in all types of business activities
  • A basic knowledge of Information Security Issues
  • An appreciation of Risk Analysis process
  • A detailed review and interpretation of the main requirements of ISO IEC 27001:2013
  • Insight of the importance of Information Security Legislation
  • Expertise on how to use Annexure A of ISO/IEC 27001:2013
  • An appreciation of documented management systems to control Information Security

All levels of company members from Chief Executive to Workforce. This course is not only a requirement for those who are to be used for internal information security audits, but also an essential course for Senior Management, Information Security Managers and Line Management who wish to have and be part of a successful and effective Information Security System.

No Prior knowledge is required. However, if one has prior experience/ knowledge of a Management System (such as ISO9001 or ISO14001) or familiarity with Information Security Issues, this could be an added advantage but this is not compulsory.

Course venue
Courses are held at various locations but, if requested, can be held at your premises. Please contact your local office for details.


  • Recap of ISMS concepts and principles- Information Asset, Risk, Risk Assessment, Threat, and Vulnerability.
  • Detailed Review of ISO/IEC 27001:2013 – Examination of requirements of the standard
  • Review Annexure A of ISO/IEC 27001:2013 along with significant changes.
  • Consolidate learning through Quiz on ISO/IEC 27001:2013 and Exercise on new elements of Annexure-A

Additional Information
The maximum number of delegates for this course is 20, the minimum number is four.
Course Duration
This is a 2 days course


ISO 45001 Occupational Health and Safety (OHSAS)

Workshop Overview:

Take the next step in occupational health and safety management today. Become an Internal Auditor with our leading BS OHSAS 45001: 2016 internal auditor training course and reap the rewards of a robust management system – achieving the highest standards of health and safety. Build employee confidence through optimum working standards and continuous improvement. Learn how to deliver structured internal audits in line with BS OHSAS 45001: 2016 requirements on our two-day course. Our professional trainers are qualified in the preparation and planning of internal occupational health and safety audits. They will support you in gaining skills and confidence to tailor your own audit framework.

Who should attend?

  • Those with responsibility for carrying out internal audits have the most to gain, taking away expertise to share with your organization.
  • Existing and newly appointed auditors
  • Health and safety managers and advisers
  • Environmental managers and advisers
  • Integrated risk managers.

What will I learn?

  • Gain an overview of health and safety management auditing and the requirements of BS OHSAS 45001:2016 certification
  • Become an internal auditor with the competency, knowledge and skills to deliver a first class auditing process
  • Be confident in your scheduling, planning, reporting and accurate reporting
  • Share knowledge and ensure improvements are made quickly and effectively
  • Take the lead and build awareness of the highest standard of health and safety management across your organization.