Professional Track

ISO/IEC 27001 Auditor Track

Develop the skills to plan, conduct and evaluate audits against ISO/IEC 27001 in real organisational contexts

Professional Track

ISO/IEC 27001 Auditor Track

Develop the skills to plan, conduct and evaluate audits against ISO/IEC 27001 in real organisational contexts

Professional Track

ISO/IEC 27001 Auditor Track

Develop the skills to plan, conduct and evaluate audits against ISO/IEC 27001 in real organisational contexts

Auditor

Auditor

Information Security

Information Security

ISO/IEC 27001

ISO/IEC 27001

ISO/IEC 27001 auditor reviewing information security controls with an IT colleague in a data centre environment.

Auditing information security beyond control checklists

A modular training programme for information security auditors. Learn to audit ISO/IEC 27001 Information Security Management Systems based on risk, controls and evidence, not checklists alone.

ISO/IEC 27001 auditor reviewing information security controls with an IT colleague in a data centre environment.

Auditing information security beyond control checklists

A modular training programme for information security auditors. Learn to audit ISO/IEC 27001 Information Security Management Systems based on risk, controls and evidence, not checklists alone.

ISO/IEC 27001 auditor reviewing information security controls with an IT colleague in a data centre environment.

Auditing information security beyond control checklists

A modular training programme for information security auditors. Learn to audit ISO/IEC 27001 Information Security Management Systems based on risk, controls and evidence, not checklists alone.

Overview

Overview

Overview

The ISO/IEC 27001 Auditor Track is designed for professionals responsible for auditing Information Security Management Systems (ISMS). It goes beyond clause-by-clause interpretation and teaches how to audit an ISMS holistically, using evidence-based and risk-focused methods.

The track covers the full audit life cycle and enables effective ISMS audits in internal auditing, supplier auditing as well as third-party auditing contexts.

The ISO/IEC 27001 Auditor Track is designed for professionals responsible for auditing Information Security Management Systems (ISMS). It goes beyond clause-by-clause interpretation and teaches how to audit an ISMS holistically, using evidence-based and risk-focused methods.

The track covers the full audit life cycle and enables effective ISMS audits in internal auditing, supplier auditing as well as third-party auditing contexts.

Target audience

Target audience

Target audience

  • Current or aspiring internal, supplier, or third-party auditors who want to audit information security management systems against ISO/IEC 27001

  • Information security or risk professionals seeking to move into ISMS auditing roles

  • Auditors from other management system domains who want to expand their audit competence into information security

  • Practising ISO/IEC 27001 auditors who want to improve audit consistency, risk-based judgement, and handling of complex ISMS environments

  • Current or aspiring internal, supplier, or third-party auditors who want to audit information security management systems against ISO/IEC 27001

  • Information security or risk professionals seeking to move into ISMS auditing roles

  • Auditors from other management system domains who want to expand their audit competence into information security

  • Practising ISO/IEC 27001 auditors who want to improve audit consistency, risk-based judgement, and handling of complex ISMS environments

Learning outcomes

In this track, you will acquire the following capabilities.

Learning outcomes

In this track, you will acquire the following capabilities.

Learning outcomes

In this track, you will acquire the following capabilities.

Understand and interpret ISO/IEC 27001 requirements reliably

  • Interpret ISO/IEC 27001 requirements consistently across different organisational contexts

  • Understand how ISMS are structured and applied in practice

Plan and conduct audits in a structured manner

  • Plan and perform internal, supplier and third-party ISMS audits in accordance with ISO 19011

  • Apply appropriate audit techniques to obtain objective and verifiable audit evidence

Evaluate conformity and audit findings professionally

  • Assess conformity of an ISMS against ISO/IEC 27001 requirements and defined audit criteria

  • Formulate clear, well-founded audit findings and nonconformities

Communicate audit results and support improvement

  • Communicate audit results professionally to auditees and management

  • Support improvement by providing clear, actionable audit feedback

Understand and interpret ISO/IEC 27001 requirements reliably

  • Interpret ISO/IEC 27001 requirements consistently across different organisational contexts

  • Understand how ISMS are structured and applied in practice

Plan and conduct audits in a structured manner

  • Plan and perform internal, supplier and third-party ISMS audits in accordance with ISO 19011

  • Apply appropriate audit techniques to obtain objective and verifiable audit evidence

Evaluate conformity and audit findings professionally

  • Assess conformity of an ISMS against ISO/IEC 27001 requirements and defined audit criteria

  • Formulate clear, well-founded audit findings and nonconformities

Communicate audit results and support improvement

  • Communicate audit results professionally to auditees and management

  • Support improvement by providing clear, actionable audit feedback

Professional positioning

  • Build a recognised competence profile as an auditor for ISO/IEC 27001 across different organisational contexts

  • Assess information security management systems in a structured, independent and standard-compliant manner, and substantiate audit findings professionally

  • Act as a competent professional counterpart to organisations, management, certification bodies and other auditors

Track ID

HAT-IS-A

Duration

~18 days

Language

English

List price

CHF 9,000

Excl. VAT. VAT may apply depending on customer location and status.

Bespoke options

Bespoke options

Bespoke options

Programmes tailored to your organizational needs

Programmes tailored to your organizational needs

Modular system

Reuse of modules across tracks

Modular system

Reuse of modules across tracks

Modular system

Reuse of modules across tracks

Previously completed modules are recognized, avoiding duplication when pursuing additional Halderstone tracks.

Core modules

Specialization modules

Domain-agnostic competence

Shared and recognized across all Halderstone auditor tracks

ISO/IEC 27001

ISO/IEC 42001

ISO 9001

ISO/IEC 27701

ISO 22301

ISO 14001

Core modules

Specialization modules

Domain-agnostic competence

Shared and recognized across all Halderstone auditor tracks

ISO/IEC 27001

ISO/IEC 42001

ISO 9001

ISO/IEC 27701

ISO 22301

ISO 14001

Core modules

Specialization modules

Domain-agnostic competence

Shared and recognized across all Halderstone auditor tracks

ISO/IEC 27001

ISO/IEC 42001

ISO 9001

ISO/IEC 27701

ISO 22301

ISO 14001

If you later decide to extend your auditing competence to additional areas and ISO standards, you can earn additional auditor credentials without repeating the common core. This allows you to build an integrated competence profile step by step with limited additional effort.

Scalable credential model

Two credentials with one track

Scalable credential model

Two credentials with one track

Scalable credential model

Two credentials with one track

Core credential — shared foundation

Halderstone Diploma in Management System Auditing

  • Cross-domain auditing foundation

  • Applicable across multiple ISO standards

  • Reusable foundation for other auditor tracks

Core credential — shared foundation

Halderstone Diploma in Management System Auditing

  • Cross-domain auditing foundation

  • Applicable across multiple ISO standards

  • Reusable foundation for other auditor tracks

Core credential — shared foundation

Halderstone Diploma in Management System Auditing

  • Cross-domain auditing foundation

  • Applicable across multiple ISO standards

  • Reusable foundation for other auditor tracks

Specialisation credential — domain focus

Halderstone Certified ISO/IEC 27001 Auditor

  • Fundamentals of information security management

  • Ability to audit ISO/IEC 27001-specific requirements

Specialisation credential — domain focus

Halderstone Certified ISO/IEC 27001 Auditor

  • Fundamentals of information security management

  • Ability to audit ISO/IEC 27001-specific requirements

Specialisation credential — domain focus

Halderstone Certified ISO/IEC 27001 Auditor

  • Fundamentals of information security management

  • Ability to audit ISO/IEC 27001-specific requirements

Overview

Full curriculum

The curriculum below shows all modules included in this learning path. Core modules are shared across tracks and are recognised if already completed.

Overview

Full curriculum

The curriculum below shows all modules included in this learning path. Core modules are shared across tracks and are recognised if already completed.

Overview

Full curriculum

The curriculum below shows all modules included in this learning path. Core modules are shared across tracks and are recognised if already completed.

Core modules

Shared foundations common to all Auditor tracks

Management system core

Expand...

Management system core

Expand...

Management system core

Expand...

Auditing core

Expand...

Auditing core

Expand...

Auditing core

Expand...

Auditing domain-agnostic ISO standard clauses

Expand...

Auditing domain-agnostic ISO standard clauses

Expand...

Auditing domain-agnostic ISO standard clauses

Expand...

Specialization modules

Role-specific modules that deepen your expertise in ISO/IEC 27001 Auditing

Domain competence in Information Security Management and ISO/IEC 27001

Expand...

Domain competence in Information Security Management and ISO/IEC 27001

Expand...

Domain competence in Information Security Management and ISO/IEC 27001

Expand...

Auditing ISO/IEC 27001-specific clauses

Expand...

Auditing ISO/IEC 27001-specific clauses

Expand...

Auditing ISO/IEC 27001-specific clauses

Expand...

Final assessment

Practical and theoretical demonstration of your acquired competence as ISO/IEC 27001 Auditor

Capstone project

Expand...

Capstone project

Expand...

Capstone project

Expand...

Final exam

Expand...

Final exam

Expand...

Final exam

Expand...

Good to know

Answers to common questions

Good to know

Answers to common questions

Good to know

Answers to common questions

How are other frameworks and standards handled in this track?

How are other frameworks and standards handled in this track?

How are other frameworks and standards handled in this track?

What is included in a Halderstone professional track?

What is included in a Halderstone professional track?

What is included in a Halderstone professional track?

Are the tracks aligned with recognised standards such as ISO?

Are the tracks aligned with recognised standards such as ISO?

Are the tracks aligned with recognised standards such as ISO?

Do I need to complete all modules in the track?

Do I need to complete all modules in the track?

Do I need to complete all modules in the track?

Can I attend individual modules without enrolling in the full track?

Can I attend individual modules without enrolling in the full track?

Can I attend individual modules without enrolling in the full track?

Are modules recognised across different Halderstone tracks?

Are modules recognised across different Halderstone tracks?

Are modules recognised across different Halderstone tracks?

Is this track suitable if I am new to the topic?

Is this track suitable if I am new to the topic?

Is this track suitable if I am new to the topic?

How long does it take to complete the track?

How long does it take to complete the track?

How long does it take to complete the track?

What if I am unsure whether this track is right for me?

What if I am unsure whether this track is right for me?

What if I am unsure whether this track is right for me?

Continuous learning

Related tracks

Continuous learning

Related tracks

Continuous learning

Related tracks

View all tracks

View all tracks

Information security managers reviewing systems in a professional office setting, representing leadership and governance of an information security management system.

Information Security Manager Track

Helping a national healthcare provider shape policy reforms, align with regulations, and improve patient care.

Read more

Information security managers reviewing systems in a professional office setting, representing leadership and governance of an information security management system.

Information Security Manager Track

Helping a national healthcare provider shape policy reforms, align with regulations, and improve patient care.

Read more

Information security managers reviewing systems in a professional office setting, representing leadership and governance of an information security management system.

Information Security Manager

Helping a national healthcare provider shape policy reforms, align with regulations, and improve patient care.

Read more

ISO 22301 auditor conducting a site inspection with a guide and operational expert, assessing business continuity capabilities in an industrial environment.

ISO 22301 Auditor Track

Helping a national healthcare provider shape policy reforms, align with regulations, and improve patient care.

Read more

ISO 22301 auditor conducting a site inspection with a guide and operational expert, assessing business continuity capabilities in an industrial environment.

ISO 22301 Auditor Track

Helping a national healthcare provider shape policy reforms, align with regulations, and improve patient care.

Read more

ISO 22301 auditor conducting a site inspection with a guide and operational expert, assessing business continuity capabilities in an industrial environment.

ISO 22301 Auditor

Helping a national healthcare provider shape policy reforms, align with regulations, and improve patient care.

Read more

View all tracks

View all tracks

Office scene with people standing, walking and sitting

Ready to improve your management systems?

We support continuous improvement by embedding ISO requirements into everyday practice and daily operations.

Contact us

Office scene with people standing, walking and sitting

Ready to improve your management systems?

We support continuous improvement by embedding ISO requirements into everyday practice and daily operations.

Contact us

Office scene with people standing, walking and sitting

Ready to improve your management systems?

We support continuous improvement by embedding ISO requirements into everyday practice and daily operations.

Contact us

Explore the Halderstone Academy

Explore the Halderstone Academy

Explore the Halderstone Academy