top of page

ISO 27001

Internal auditor.


Target audience.

IT specialists, managers, and other staff involved in ISMS processes.


Purpose of the course.

Students will develop skills and acquire knowledge allowing them to audit information security management systems in accordance with ISO 27001 requirements.

After completing this course, you will:

  • be able to explain the intended purpose of information security management systems (ISMS) as well as procedures for creating, implementing, operating, controlling, inspecting, and improving ISMS according to ISO 27001

  • understand the need for ISMS auditors to know all these processes

  • understand the purpose and content of ISO 27001, how this standard relates to other standards, and the legislative framework regulating ISMS

  • know how to apply audit and certification processes according to ISO 2700 possess the knowledge and skills necessary to audit for compliance with ISO 27001 Information Security Management Systems as well as to report and track results



Duration of studies: 4 days / 32 hours
Language of instruction: Russian
Language of materials and test: Russian

This course includes:
- Certified trainer
- Texts
- Test
- After passing the test, a certificate will be issued to confirm the acquired competences.


The test is administered on the last day of the course.



  • Basics, myths and reality

  • Business requirements: commercial and legislative

  • History of ISMS standards: development and current status

  • Preparation of an ISMS implementation plan

  • Development and implementation of management systems

  • Information security policies

  • Scope of ISMS

  • Identification of information assets

  • Valuation of information assets

  • Risk assessment

  • Risk management

  • Provisions on the applicability of controls

  • Development policies

  • ISMS documentation

  • Compliance with ISMS requirements related to documented procedures

  • Certification process

  • Accreditation: current status and forecasts, possible variants

  • Critical points of implementation

bottom of page