The successful completion of this training course is one of the necessary requirements for the recognition of a person as an Auditor / Lead Auditor of an Information Security Management System. The course is aimed at anyone who wants to become a Third Party Auditor for such systems, as well as anyone who wishes to understand the process of this specific type of audit as performed by a Third Party Auditor. The course contains the basic principles of audits, the methodology and techniques of a third party audit, the analysis of the requirements of the standard (par. 1-8 and Annex A) from an Auditor standpoint and a sample of a Risk assessment methodology. Furthermore, the requirements and constraints imposed by ISO 27006, the standard governing Third Party Audits of Information Security Management Systems, are presented and analyzed.


  • Information security
  • The importance of information security
  • ISO 27001:2005
  • Reviewing security threats and vulnerabilities
  • Management of security risks
  • Selecting security controls
  • How to build an Information Security Management System (ISMS)
  • ISO 27001 auditing techniques
  • Managing and leading an ISO 27001 audit team
  • Interview techniques
  • Audit reporting
  • Examination to prove competency

Please contact us concerning further inquiries.


Patrick Mohr

T: +43 (0)5 0454-8163


Training units: 40

Course fee: see course details - On request | Location: Turkey & Greece | Please note that this training course is offered as inhouse training.


Certification: The successful completion of the written and oral exams is followed by the issue of a Certificate for Auditor / Lead Auditor for Information Security Management Systems by TÜV AUSTRIA ACADEMY. Successful participants are given the opportunity to participate as trainees in actual audits.
