delivering expert training since 1962

ISO/IEC 27001:2022 Information Security Management Systems

Helps manage sensitive company information so that it remains secure!

More Info

ISMS ISO/IEC 27001:2022 Foundation Course - CQI IRCA Certified

1 Day Course – £445

Learn what a Information Security Management System is and the requirements of the ISO 27001 standard

In-house course
More Info
More Info

ISMS ISO/IEC 27001:2022 Internal Auditor Course - CQI IRCA Certified

2 Day Course – £795

Learn how to plan and conduct internal audits of your companies Information Security Management System

In-house course
More Info
More Info

ISMS ISO/IEC 27001:2022 Lead Auditor Course - CQI IRCA Certified

5 Day Course – £1295

We teach you the tools and techniques of how to plan, lead and report audits within your own organisation, your suppliers or third party organisations

In-house course Public course
More Info
More Info

ISMS ISO/IEC 27001:2022 Auditor Conversion Course - CQI IRCA Certified

3 Day Course – £1095

ISO/IEC 27001:2022 Auditor Conversion course

In-house course Public course
More Info
More Info

Introduction to GDPR

1 Day Course – £250

Learn what the new GDPR (General Data Protection Regulations) mean for your business – every UK business is affected, it cannot be ignored

In-house course Public course
More Info

Not sure which course is right for you?

Use our course selector

Need to train more than 3 people?

We can customise each course to match your exact needs

Talk to one of our helpful team today

Get your free quote

Why choose Batalas?

We have been doing this for over 50 years
We have trained over 250,000 people in this time
Our course pass rate is over 95%
99% of our clients say they would use us again

Latest Resources

Winter Savings on ISO training

Winter Savings on ISO training!  We are offering up to an incredible £100 off CQI IRCA-certified courses this Winter. Choose from a range of ISO training courses, learning in a virtual classroom via Zoom [...]

Save up to £100 off in our Winter Sale

Save up to £100 off selected courses! Enjoy savings on ISO training this Winter.  Study in a traditional classroom at one of our UK training venues, or learn from the comfort of your home [...]

Save money on virtual ISO training this Winter

We are offering huge discounts on selected virtual courses between January - March - book today and start 2021 with a bang! Choose from ISO 9001 Quality (QMS), ISO 27001 Info Security (ISMS), [...]

Frequently Asked Questions for Auditing Management Systems

Yes

Firstly, the ISO standard (ISO 9001) states that you must internally audit your organisation at planned intervals and that you must audit if it

  • meets the planned arrangements (with regards to product realization)
  • meets the requirements of the ISO standard
  • meets the requirements of your management system

But you will note that it does not directly say that you must audit every 12 months. Having said that, it is common sense that if you left it longer than 12 months (or even shorter) between audits then would you be able to prove that the system does everything above? Therefore the industry standard is every 12 months, although this can change:

The standard also states that when planning the audit programme you must take into account the “status and importance” of the processes and areas being audited, and very importantly the results of previous audits. In other words, if a process if critical to what you do, or previous audits have found problems, then that process must be audited more often.

One of the main reasons why internal audits raise trivial, and in some cases repeating, nonconformities is that audit reports are not ‘closed out’ correctly. It is important that actions taken to address nonconformities are corrective action (correcting the root cause of the issue) and not correction (purely a short term fix).
Managers are measured on results and therefore results orientated information is of prime concern to them. If the internal audit process includes the identification of process effectiveness and opportunities for improvement then you will grab their attention.
Technically yes.

The requirement in all standards is to conduct internal audits against

  • the appropriate ISO standard
  • any regulatory and legal requirements
  • your own management system requirements

Having said that, if you work in a larger organisation then the likelihood is that you have a team of auditors, some audit the entire system and others will conduct smaller process/procedure audits  – every situation is different, if in doubt give one of our friendly team a call for free advice

Yes. The advantage is that a good auditor may be able to use his/her experience to identify opportunities for improvement which would not have been possible by using your own staff. The downside is that the use of external auditors tends to lead to a lack of ownership of the management system.

Auditing can be seen as a fairly negative process, with the emphasis being on digging into the detail and raising what is seen to many as trivial issues.

Consequently, when selecting internal auditors it is normal to add more junior staff to complement the small team of quality, environmental and health & safety professionals.

Internal auditing should be focused on improving the management system, and hence business performance, and therefore more senior managers should be involved in internal auditing.

One of the ways to get them involved is to allocate to them the task of auditing for improvement, with more junior staff involved in the more time consuming tasks of conformance auditing.

We’re Here To Help Your Business Secure It’s Information

Get In Touch Today To Find Out More

Stay up to date with industry news, courses and offers

  • By submitting this form, you are giving your consent to receive marketing emails from Batalas. Your data will not be forwarded to any third parties and you can unsubscribe at any time.

    By clicking submit you agree to the Terms and Conditions and Privacy Policy
  • This field is for validation purposes and should be left unchanged.