It depends on what you're auditing. To (internally) audit an ISMS, you have to have a) audit scope and b) audit criteria. Did you have any training on auditing? Didn't the instructor cover this during training? You could find a checklist, but then, and most importantly, it would end up being like fitting a square peg into a round hole...