Key details

Cost: $2,490 (inc. GST)

Duration: 3 Days

CPD Points: 24

Qualifications: IS

About the course

With cyber attacks and data security breaches on the rise and in the headlines, keeping your organisation’s data secure has never been more important.  The ISO standard for Information Security, ISO/IEC 27001:2022 Information Security Management Systems, provides the framework to ensure your business has the tools to manage information security risk.

The standard was updated in October 2022, with changes to some management system clauses, making some requirements more explicit and aligning them with other Annex SL standards, such as ISO 9001. In addition, the updated standard was published with its Annex A incorporating the controls outlined in ISO/IEC 27002:2022.  

Our 3-day Information Security Management Systems course will take you through the key changes to the Annex A controls and management systems clauses and understand the new requirements of ISO/IEC 27001:2022 .  We help you learn the most up-to-date processes and approaches to protect your information assets and manage information security in a practical way.

This course has the equivalent of 24 Continuing Professional Development (CPD) points.

Plus, you receive a complimentary licensed copy of:

  • ISO/IEC 27001:2022 Information security, cybersecurity and privacy protection — Information security management systems — Requirements.

    After successful completion of the course, you’ll gain access to a suite of downloadable resources including templates and checklists

Our training is different because

No homework or take-home assessment.

Internationally recognised courses.

Trainers are practising audit professionals.

All learning materials are provided.

Certificates are issued promptly upon the completion of the course.

We never cancel a course - enrol with confidence.

Secure your place now

Book now

Course overview

Learning Outcomes

After successful completion of this course, you will:

  • How to implement processes and controls within the Information Security management system
  • How to identify gaps in an Information Security management system
  • Understand the mandatory documentation requirements of an Information Security system
  • How to improve your organisation’s conformance with ISO/IEC 27001:2022

Course Content

This course is delivered as a single 3-day module covering the requirements of ISO/IEC 27001:2022. This course can be joined to an additional module: ‘Becoming a Skilled Lead Internal/External Auditor‘ where participants learn how to conduct management systems audits in accordance with ISO 19011:2018 Guidelines for Auditing Management Systems. To complete these modules together, see our Information Management Systems Lead Auditor course.



Information Security Management Systems
  • Introduction to Information Security
  • Context of Information Security
  • Information Security management systems requirements
  • Risk-based approach to information security
  • Structure of Information Security controls and control attributes.


Information Security controls
  • Information Security controls – Organisational, people, physical, technological
  • Information classification
  • Documentation requirements of Information security management systems


Information Security application
  • Statement of applicability
  • Information security audit scenarios
  • Course review


Upon successful completion of the course, you will receive a Certificate of Attainment which identifies the Exemplar Global competency below:

  • Exemplar Global IS – Information Security management systems



There are no prerequisites for this course.


Throughout the course, you will complete a series of workshops which form part of the assessment. A short multiple-choice exam at the completion of each module assesses the knowledge and understanding gained throughout the training. You will receive continual assistance and feedback from the trainer and are given anecdotal examples of real world audit situations.

No homework or take-home assessment. 

Who should attend 

Designed to cater to a variety of people currently involved in the audit and Information Security Management System process, you should attend if you:

  • want to become an internal ISMS auditor
  • want to become a 3rd party IS auditor
  • need to write and implement a ISMS
  • are involved in the Information Security management process
  • are a manager responsible for an ISMS and ISMS auditing
  • wish to consolidate your existing knowledge into a formal qualification.

Prior experience in auditing and management systems is not essential.

Study Pathway – Where to from here?

If you wish to become a registered third-party, or external Information Security Management Systems auditor with Exemplar Global, you need to have obtained the competency units from this course and the additional Exemplar Global competency units of AU and TL (via our Becoming a Skilled Lead Auditor or Management Systems Lead Auditor courses).

Contact Exemplar Global for more information on their registration process.

Additional Exemplar Global competencies for Management Systems auditing (Exemplar Global AU and TL) may be added during the same week of training, or attended separately. Competencies for Quality Management Systems (Exemplar Global QM), Environmental Management Systems (Exemplar Global EM) and/or OH&S Management Systems (Exemplar Global OH 45001), Food Safety Management Systems (Exemplar Global FS), and Business Continuity (Exemplar Global BC) may be attended separately. We also offer courses in Risk Management and Psychological Health and Safety at Work


The price of this course is $2,490 (inc. GST). Discounts for multiple attendees are available – please contact us to find out what discounts can be applied.

How to enrol

We offer an easy, streamlined enrolment process – you can either enrol directly into your course online, or call us on 1300 95 96 92 to enrol over the phone.

How to pay

We offer a variety of payment methods:

  • Direct debit
  • Credit card
  • Cheque
  • Payment plans

Payment plans

We are able to arrange flexible payment plans on an individual basis. Please be aware that your certificate will be held until full payment has been received.


Public – Face-to-face

Our public training courses are offered in multiple convenient locations across Australia, ensuring we can provide education for participants nationwide. You can attend our Integrated Management Systems Lead Auditor courses in most major capital cities, including Sydney, Melbourne, Brisbane, Perth, and Adelaide. These locations provide a perfect setting for face-to-face learning, where you can interact directly with our experienced trainers and network with other professionals in the field.

Public – Virtual/Online

If online learning is more your style, we also offer virtual training for those who prefer or require flexibility. Our online courses are available to participants in Australia and New Zealand, providing the same premium education as our face-to-face sessions, with the added convenience of online learning. The virtual platform is designed to mimic in-person learning and aims to be engaging and interactive, with real-time group exercises, Q&A sessions, and online assessments. No matter your location, you can benefit from our expert-led training and become proficient in auditing integrated management systems.

Please note: Due to licensing restrictions, our virtual courses are open to participants from Australia and NZ only.

In-house – Face-to-face or virtual

In-house training can provide a cost-effective training solution for organisations with a number of staff who require training. We can also customise a course to suit your own individual needs, and include your own audit documentation. Call us on 1300 95 96 92 or complete the form below to request a quote. 

Request an In-house quote

Training Course Locations

Risk Training Professionals

Secure your place now

Book now

Course Dates

Sort Location Start Finish Duration
Virtual - AEST (AUST & NZ participants only) Wed 04 Sep 2024 Fri 06 Sep 2024 3 Days Book now
Virtual - AEDT (AUST & NZ participants only) Wed 16 Oct 2024 Fri 18 Oct 2024 3 Days Book now
Virtual - AEDT (AUST & NZ participants only) Wed 11 Dec 2024 Fri 13 Dec 2024 3 Days Book now
Virtual - AEDT (AUST & NZ participants only) Wed 12 Feb 2025 Fri 14 Feb 2025 3 Days Book now
Virtual - AEDT (AUST & NZ participants only) Wed 26 Mar 2025 Fri 28 Mar 2025 3 Days Book now
Virtual - AEST (AUST & NZ participants only) Wed 18 Jun 2025 Fri 20 Jun 2025 3 Days Book now
Virtual - AEST (AUST & NZ participants only) Wed 10 Sep 2025 Fri 12 Sep 2025 3 Days Book now
Virtual - AEDT (AUST & NZ participants only) Wed 10 Dec 2025 Fri 12 Dec 2025 3 Days Book now

There are no search results in your chosen search.
Register and we'll be in touch when courses are available

Register Now

Can't find course dates in your city?

Register and we'll be in touch when courses are available

Register Now

“Excellent trainers with high level expertise, varied content to keep us engaged and quality resources leave me with confidence that I could implement what I’ve learned.”

“The presenters really helped to link the course material to real life situations. They were very professional and helped make the course very enjoyable.”

“Thoroughly enjoyable learning experience, facilitated to an excellent standard – Well adapted to the diversity of skill within the group.”

Fantastic course professionally run by a ‘real’ auditor working in the field which allowed for a fantastic bridge between theory and practical examples.

“It is rare to find a trainer with extensive practical and current industry knowledge of the topic. This is a real world training course for real world application. 100% recommend Pat to conduct any training in future.”

Need help finding a course?

Speak directly with a member of the RTP team to decide which course is right for you.