This free online course will teach you the basics of auditing an organization's information security management systems.

Installation of robust information security management systems is a need of the day. Such systems are essential not only because they protect an organization’s IT assets but also because they protect customers’ valuable information and data. Organizations that claim to have such systems installed should be audited by an information security management systems (ISMS) auditor.

Through this course, Exoexcellence Consultants have discussed the nuances of this profession. With four topics, students will learn about the essentials of internal auditing an organization on its ISMS and essentials, such as assurance map, audit plan, and principles of audit plan. Procedures involved in internal auditing, sampling, and planning are also included in the course. A detailed discussion on audit reporting and follow-up is given.

The last topic of the course discusses essential considerations in information security audit, such as post-audit activities, challenges associated with audits, and a list of well-known ISMS systems worldwide. Overall, this course is a great resource for beginners in this field as it provides a solid foundational knowledge of auditing against ISMS.