ISO 27001 Lead Auditor Training Course

This certified five-day ISO 27001 Lead Auditor Training Course provides delegates with the skills and knowledge to effectively perform first, second and/or third-party audits of an ISO 27001 based system in accordance with ISO 19011 and ISO 17021. Following a central case study delegates will develop their skills and confidence to plan, conduct and follow up an ISO 27001 ISMS audit.

ISO 27001 is an international standard that specifies the requirements of an effective Information Security Management System (ISMS). An essential part of maintaining and improving an ISMS is auditing, which acts as a tool for identifying and addressing potential information security risks and ensuring compliance with the standard.

This interactive ISO 27001 Lead Auditor course includes workshops to equip delegates with the skills to undertake a risk assessment during an ISMS ISO 27001 audit, prepare checklists and write nonconformity reports. Assessment is through continuous assessment and a two hour exam on the final day of the course. Successful completion of this course satisfies the training requirements for certification as an IRCA ISMS auditor.

• Background and overview of ISO 27001 and other information security standards (ISO 27000 Family)
• ISO 27001 Annex A controls
• An introduction to auditing and the auditor’s role
• The role of management in reviewing risk and the effectiveness of the ISMS
• Planning and managing an audit:
  • resources and timing
  • determining the audit scope and objectives
  • undertaking a risk based approach
  • ISMS documentation (risk treatment plan, SoC, SoA, information security asset record)
  • use of checklists
  • selection of audit teams
• Risk assessment and risk treatment
• Conducting the audit – skills, techniques and auditor competence:
  • evaluating the significance of audit findings
  • communicating and presenting audit reports
• Nonconformities and improved security as a result of corrective actions
• Management of the third-party assessment and certification process

• Individuals looking to complete first, second and/or third party ISO 27001 audits onsite and/or remotely
• Those responsible for implementing and ensuring compliance with ISO 27001 inclusive of Information Security Managers, IT Consultants, Compliance Consultants, Cyber Security Consultants and Information Assurance Consultants
• Audit team leaders

Please note that CQI and IRCA expect delegates to have prior knowledge of the requirements (clauses) of ISO 27001. Some individuals may find it beneficial to attend our Introduction to ISO 27001 Training course.

Click here to learn more about prior knowledge requirements.

On successful completion of this certified ISO 27001 Lead Auditor Training Course delegates will be able to:

• understand the role of audits within the ISMS and the role of auditors in effecting continual improvement.
• plan ISO 27001 audits: including analysis of factors determining audit frequencies and using audit checklists
• conduct ISO 27001 audits: including interviewing techniques and methods for data collection
• close and follow up the audit: including closing meetings, nonconformity assessment and nonconformity report writing

Successful delegates will also receive a CQI and IRCA approved ‘Certificate of Achievement’ and will meet the training requirements for certification with IRCA as a registered IRCA ISMS auditor.

Often a cost effective and convenient way for organisations wishing to train several employees, this certified ISO 27001 Lead Auditor Training Course can be held at your premises, a venue of your choice or online in our Virtual Classroom.

Led by an ISO 27001 expert, the course will include interactive workshops and exercises covering topics such as ‘Risk Assessment’ ‘Audit Planning’, and ‘Performing an Audit’.

Request Quote

For Scheduled Training courses, please select from the Course Dates and Venues table below.