ISO/IEC 27001 Lead Auditor, PECB Certified

Lifelong learning for working professionals

Course Summary

Mastery of Information Security Management System (ISMS) audit based on ISO/IEC 27001:2022

The Certified ISO 27001 Lead Auditor training course allows you to develop the expertise required to perform an Information Security Management System (ISMS) audit by applying widely recognized audit principles, procedures and techniques.

During this training, you will gain knowledge and skills to plan and conduct internal and external audits in accordance with the ISO 19011 and ISO/IEC 17021-1 certification process. Based on practical exercises, you will be able to master audit techniques and become competent in managing an audit program, audit teams, communication with clients and conflict resolution. After acquiring the necessary expertise to perform this audit, you can sit the exam and apply for a “PECB Certified ISO/IEC 27001 Lead Auditor” credential. By holding a PECB Lead Auditor certificate, you will demonstrate that you have the capacity and competence to audit organizations based on best practices.

Course Objective

Understand the operations of an information security management system based on ISO/IEC 27001
Know the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulations
Understand the role of an auditor to: plan, lead and follow up a management system audit in accordance with ISO 19011
Learn how to lead an audit and an audit team
Learn how to interpret the requirements of ISO/IEC 27001 in the context of an ISMS audit
Acquire the competence of an auditor to: plan an audit, lead an audit, prepare reports and follow up an audit in accordance with ISO 19011

A basic understanding of ISO/IEC 27001 and extensive knowledge of audit principles.

Target Audience

Auditors who want to perform and lead information security management system (ISMS) certification audits
Managers or consultants who want to master an information security management system audit process
Persons responsible for maintaining compliance with the information security management system requirements
Technical experts who want to prepare for an audit of an information security management system
Expert advisor in information security management

Prerequisites

A basic understanding of ISO/IEC 27001 and extensive knowledge of audit principles.

Certification

Certification exam with remote monitoring

You can take the certification test online on your computer at your convenience.
Exam time: 3 hours
Certification fees are included in the price of the exam.
If you fail the test, you can retake it free of charge within 12 months.

The PECB Certified ISO/IEC 27001 Lead Auditor remotely proctored exam fully meets the requirements of the PECB Examination and Certification Program (ECP).
The remotely proctored exam covers the following competency domains:

Domain 1 Basic principles and concepts of an information security management system (ISMS)
Area 2 Information Security Management System (ISMS)
Area 3 Fundamental audit concepts and principles
Area 4 Preparation of an ISO/IEC 27001 audit
Area 5 Conduct an ISO/IEC 27001 audit
Area 6 Completing an ISO/IEC 27001 audit
Area 7 Managing an audit program for ISO/IEC 27001

Once you have passed the test, you can apply for the credentials shown below.
You will receive a certificate once you have met all the requirements for the chosen credential.

The requirements for PECB Auditor certification are:

PECB certified ISO/IEC 27001 auditor
- Passed the PECB Certified ISO/IEC 27001 Lead Auditor exam
- Professional experience: Two years: One year of work experience in information security management
- Audit/evaluation experience: Audit activities: 200 hours in total
PECB certified ISO/IEC 27001 Lead Auditor
- Passed the PECB Certified ISO/IEC 27001 Lead Auditor exam
- Professional experience: Five years: Two years of work experience in information security management
- Audit/evaluation experience: Audit activities: 300 hours in total
PECB certified ISO/IEC 27001 Senior Lead Auditor
- Passed the PECB Certified ISO/IEC 27001 Lead Auditor exam
- Professional experience: Ten years: Seven years of work experience in Information Security Management
- Audit/evaluation experience: Audit activities: 1000 hours in total

Trainer

This course is delivered in collaboration with one of our partners.

Course Details

This training is based on both theory and best practices used in ISMS audits.
Lectures are illustrated with examples based on case studies.
Practical exercises are based on a case study that includes role plays and discussions.
The practice tests are similar to the certification exam.

Day 1 Introduction to Information Security Management Systems (ISMS) and ISO/IEC 27001

Course objectives and structure
Standards and regulations
Certification process
Basic concepts and principles of information security
Information security management system (ISMS)

Day 2 Audit principles, preparation and initiation of an audit

Basic concepts and principles of auditing
The impact of trends and technologies in auditing
Evidence-based auditing
Risk-based auditing
Initiation of the audit process
Audit stage 1

Day 3 On-site audit activities

Preparing for the stage 2 audit
Step 2 audit
Communication during the audit
Audit procedures
Creating test plans for audit

Day 4 Closure of the audit

Preparing audit findings and non-conformity reports
Audit documentation and quality review
Closing the audit
Auditor’s evaluation of action plans
After the initial audit
Management of an internal audit program
Completion of the training

Course Overview

4 days

Advanced

Can’t find a (suitable) date, but are interested in the course? Send in an expression of interest and we will do what we can to find a suitable opportunity.

Customized Courses

The course can be adapted from several perspectives:

Content and focus area
Extent and scope
Delivery approach

In interaction with the course leader, we ensure that the course meets your needs.