This course has been developed to cover all requirements of the ISO/IEC 27001:2022 standard. The course includes definitions from ISO/IEC 27000:2018 (Information Security Management Systems – Overview and Vocabulary), Guidance from ISO/IEC 27003:2017 (Information Security Management System Implementation and Guidance) and auditing requirements from both ISO 19011:2010 (Guidelines for Auditing Management Systems) and ISO/IEC 27007:2017 (Guidelines for Information Security Management Systems Auditing). Group exercises and case studies will be used to develop the required skills. Other topics covered include the auditing process and methodologies, e. g. planning and conducting an audit, writing nonconformity statements, preparing an audit summary and report, and verifying corrective actions following the requirements of ISO 19011 and ISO 27007. Auditing case studies to develop skills for identifying nonconformities will be used.