Certified ISO/IEC 27001 Lead Auditor
Training Topic: Supply Chain Management
Training Framework/Standard: ISO 27001
- Duration 5 Days
- Virtual or Classroom
This five-day intensive course enables participants to develop the necessary expertise to audit an Information Security Management System (ISMS) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.
During this training, the participant will acquire the necessary knowledge and skills to proficiently plan and perform internal and external audits in compliance with ISO 19011 and the certification process according to ISO 17021. Based on practical exercises, the participant will develop the skills (mastering audit techniques) and competencies (managing audit teams and audit program, communicating with customers, conflict resolution, etc.) necessary to efficiently conduct an audit.
Day 1: Introduction to Information Security Management System (ISMS) concepts as required by ISO 27001
- Normative, regulatory and legal framework related to information security
- Fundamental principles of information security
- ISO 27001 certification process
- Information Security Management System (ISMS)
- Detailed presentation of clauses 4 to 8 of ISO 27001
Day 2: Planning and Initiating an ISO 27001 audit
- Fundamental audit concepts and principles
- Audit approach based on evidence and on risk
- Preparation of an ISO 27001 certification audit
- ISMS documentation audit
- Conducting an opening meeting
Day 3: Conducting an ISO 27001 audit
- Communication during the audit
- Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation
- Audit test plans
- Formulation of audit findings
- Documenting nonconformities
Day 4: Concluding and ensuring the follow-up of an ISO 27001 audit
- Audit documentation
- Quality review
- Conducting a closing meeting and conclusion of an ISO 27001 audit
- Evaluation of corrective action plans
- ISO 27001 Surveillance audit
- Internal audit management program
Day 5: Certification Exam
- To acquire the expertise to perform an ISO 27001 internal audit following ISO 19011 guidelines
- To acquire the expertise to perform an ISO 27001 certification audit following ISO 19011 guidelines and the specifications of ISO 17021 and ISO 27006
- To acquire the necessary expertise to manage an ISMS audit team
- To understand the operation of an ISO 27001 conformant information security management system
- To understand the relationship between an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
- To improve the ability to analyze the internal and external environment of an organization, its risk assessment and audit decision-making
- Internal auditors
- Auditors wanting to perform and lead Information Security Management System (ISMS) certification audits
- Project managers or consultants wanting to master the Information Security Management System audit process
- CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
- Members of an information security team
- Expert advisors in information technology
- Technical experts wanting to prepare for an Information security audit function
The “Certified ISO/IEC 27001 Lead Auditor” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competence domains:
- Domain 1: Fundamental principles and concepts of information security
- Domain 2: Information Security Management System (ISMS)
- Domain 3: Fundamental audit concepts and principles
- Domain 4: Preparation of an ISO 27001 audit
- Domain 5: Conducting an ISO 27001 audit
- Domain 6: Closing an ISO 27001 audit
- Domain 7: Managing an ISO 27001 audit program
The “Certified ISO/IEC 27001 Lead Auditor” exam is available in different languages (the complete list of languages can be found in the examination application form).
Duration: 3 hours
After successfully completing the exam, participants can apply for the credentials of Certified ISO/IEC 27001 Provisional Auditor, Certified ISO/IEC 27001 Auditor or Certified ISO/IEC 27001 Lead Auditor, depending on their level of experience. Those credentials are available for internal and external auditors.
A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential.
For more information about ISO 27001 certifications and the PECB certification process, refer to the PECB section on ISO 27001 Lead Auditor.
General Information
- Certification fees are included in the exam price
- A student manual containing over 450 pages of information and practical examples will be distributed to participants
- A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to participants
- In case of failure of the exam, participants are allowed to retake the exam for free under certain conditions
ISO 27001 Foundation Certification or basic knowledge of ISO 27001 is recommended.
Train Your Team In-house
Frequently Asked Questions
Use our FAQ to quickly find the answers to the most common questions asked by customers.
Why choose us?
We have over 22 years of experience in helping businesses and employees reach their potential with advanced skills and certifications, no matter what their industry or background experience.
All our services are bespoke, which means we offer the freedom and flexibility to create a solution specific to your industry & training needs.
We can use one or more of our services to deliver the outcome required to gain the maximum results for your business.
Specialist Consultancy Services
We offer a free introductory consultation service, to get an understanding of your organisation, your working environment & your training needs.
Our expertise & experience, combined with your working knowledge, delivers results that are practical & specific to your needs.
Training That Works
We have been involved in many differing, diverse & interesting projects & we have built relationships with organisations from varying industries & sizes. Our efficient, cost-effective and engaging training courses are designed for your company and team to improve the overall business performance and equip employees with up-to-date skills and knowledge.
Talk to us today, and let us help you develop your team with our bespoke training and consultancy services.
Do you only deliver training in Johannesburg?
No, we deliver training in all 9 provinces within South Africa. We have also delivered training in several countries such as Belgium, The Kingdom of Saudi Arabia, Togo, Zambia, Rwanda, Tanzania and Swaziland.
What are the minimum and the maximum number of candidates we can train in-house?
The minimum number of candidates required for in-house training is 6. With regard to the maximum number, this depends a little on the size of the training room you have available, but we normally say between 15 – 25.
Can you tailor the course to our specific requirements?
Yes, all of our courses can be tailored to your requirements. We will aim to refer to working examples within your business or industry.
Who are your clients?
Our clients come from companies and organisations of all sizes within the public and private sector. We work in most industries and have a proven track record of delivering high levels of customer satisfaction. See some of the names we have worked with here.