ISO 27001 Lead Auditor Training Course
DURATION
5 days
CPD
Equivalent to 40 hours
CERTIFICATES
All delegates will receive a certificate on completion.
Course Approval
A CQI and IRCA certified ISO/IEC 27001:2013 Lead Auditor training course (ref: 17293).
This CQI and IRCA certified ISO 27001 Lead Auditor training course explores how auditing an organisation’s information security management system (ISMS) helps to ensure that the system:
- conforms to the organisation’s specification
- meets the requirements of the ISO 27001 information security standard, with reference to ISO 19011 and ISO 17021
- is effectively implemented and maintained.
Created and delivered by information security experts, the ISO 27001 Lead Auditor course equips delegates with the skills and confidence to undertake a full audit, from planning through preparing and reporting to follow up. The interactive course includes workshops and follows a central case study to help reinforce learning.
Students are assessed through continuous evaluation and a two-hour written exam on the final day of the course. Successful completion will satisfy the training requirements for certification as an IRCA ISMS auditor.
- anyone who wishes to complete first, second and/or third-party ISO 27001 audits onsite and/or remotely
- audit team leaders
- those responsible for implementing and ensuring compliance with ISO 27001, including IT security managers, compliance consultants, cyber security consultants, information assurance professionals, QHSE managers, management systems professionals and existing auditors
- those wishing to gain a recognised ISO 27001 lead auditor certificate
- those seeking to apply to the CQI as an IRCA ISMS auditor
Please note that CQI and IRCA expect delegates attending this ISO 27001 Lead Auditor training course to have prior knowledge of the requirements (clauses) of ISO 27001. Some individuals may find it beneficial to attend our Introduction to ISO 27001 Training course.
- background and overview of ISO 27001 and other information security standards (ISO 27000 Family)
- ISO 27001 Annex A controls
- an introduction to auditing against ISO 27001 and the auditor’s role
- the role of management in reviewing risk and the effectiveness of the ISMS
- planning and managing an ISMS audit:
- resources and timing
- determining the audit scope and objectives
- undertaking a risk-based approach
- ISMS documentation (risk treatment plan, SoC, SoA, information security asset record)
- use of checklists
- selection of audit teams
- risk assessment and risk treatment
- conducting the ISMS audit – skills, techniques and auditor competence:
- evaluating the significance of audit findings
- communicating and presenting audit reports
- nonconformities and improved security as a result of corrective actions
- correction and corrective action
- management of the third-party assessment and certification process
- understand the role of internal and external audits and auditors in ensuring compliance of the ISMS to organisational and standards requirements
- lead ISO 27001 audits, including initiation, planning, conducting the audit, reporting and follow up/close out
- contribute to the continual improvement of an ISMS
Successful delegates will receive a CQI and IRCA approved ‘Certificate of Achievement’ and will meet the training requirements for certification with IRCA as a registered IRCA ISMS auditor.