ISO/IEC 27001 LEAD AUDITOR

The ISO/IEC 27001 Lead Auditor course helps participants to develop the necessary expertise to perform an Information Security Management System (ISMS) audit by applying widely recognised audit principles, procedures, and techniques.

WHY ISO/IEC 27001 LEAD AUDITOR?

During this training course, attendants will acquire the knowledge and skills to plan and carry out internal and external audits in compliance with ISO 19011 and the certification process according to ISO/IEC 17021-1.

Based on practical exercises, participants will be able to master the audit techniques and become competent to manage an audit program, audit team, communication with customers, and conflict resolution.  

After acquiring the necessary expertise to perform this audit, participants can sit for the exam and apply for a “PECB Certified ISO/IEC 27001 Lead Auditor” credential. A PECB Lead Auditor Certificate is proof of the capabilities and competencies gained during the course to audit organizations based on best practices. 

WHO SHOULD ATTEND?

  • Auditors seeking to perform and lead Information Security Management System certification audits.
  • Managers or consultants seeking to master an Information Security Management System audit process.
  • Individuals responsible for maintaining conformance with Information Security Management System requirements.
  • Technical experts seeking to prepare for an Information Security Management System audit.
  • Expert advisors in Information Security Management.

LEARNING OBJECTIVES

  • Understand the operations of an Information Security Management System based on ISO/IEC 27001.
  • Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks.
  • Understand an auditor’s role to plan, lead, and follow-up on a management system audit in accordance with ISO 19011.
  • Learn how to lead an audit and audit team
  • Learn how to interpret the requirements of ISO/IEC 27001 in the context of an ISMS audit.
  • Acquire the competencies of an auditor to plan an audit, lead an audit, and draft reports on an audit in compliance with ISO 19011.

COURSE AGENDA

Day 1: Introduction to the Information Security Management System and ISO/IEC 27001

Day 2: Audit principles, preparation, and launching of an audit

Day 3: On-site audit activities

Day 4: Closing an audit

Day 5: Certification Exam

This training is based on both theory and best practices used in ISMS audits. The lecture sessions are illustrated with practical questions and examples. Practical exercises include examples and case study discussions. Practice tests are similar to the Certification Exam.

EXAMINATION

The “PECB Certified ISO/IEC 27001 Lead Auditor” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:

Domain 1: Fundamental principles and concepts of an Information Security Management System

Domain 2: Information Security Management Systems

Domain 3: Fundamental audit concepts and principles

Domain 4: Preparation of an ISO/IEC 27001 audit

Domain 5: Conducting an ISO/IEC 27001 audit

Domain 6: Closing an ISO/IEC 27001 audit

Domain 7: Managing an ISO/IEC 27001 audit programme

Examination rules and policies

CERTIFICATION

Upon the successful completion of the exam, participants can apply for the credential shown in the table below.

PECB Credential PECB Exam Professional experience MS audit/assessment experience
Certified ISO/IEC 27001 Provisional Auditor Certified ISO/IEC 27001 Lead Auditor  or equivalent None None
Certified ISO/IEC 27001 Auditor Certified ISO/IEC 27001 Lead Auditor  or equivalent 2 years: 1 year of work experience in Information Security Management Audit activities: a total of 200 hours
Certified ISO/IEC 27001 Lead Auditor Certified ISO/IEC 27001 Lead Auditor or equivalent 5 years: 2 years of work experience in Information Security Management Audit activities: a total of 300 hours
Certified ISO/IEC 27001 Senior Lead Auditor Certified ISO/IEC 27001 Auditor Exam or equivalent 10 years: 7 year of work experience in Information Security Management Audit activities: a total of 1000 hours

Participants will also sign the PECB Code of Ethics in order to receive your certification.

Certification rules and policies

GENERAL INFORMATION

  • Certification fees are included in the exam price.
  • Online examination.
  • Training material containing over 450 pages of information and practical examples will be distributed.
  • A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued.
  • In case of exam failure, you can retake the exam within 12 months for free.

COURSE FORMAT

  • Self-study training.

Download the ISO/IEC 27001 Lead Auditor Brochure

Get in touch