CPD: Equivalent to 40 hours
CERTIFICATES: All delegates will receive a certificate on completion.
A CQI and IRCA Certified ISO/IEC 27001 Lead Auditor Training Course (ref: 17293) online or in-person.
ISO 27001 is an international standard that specifies the requirements of an effective Information Security Management System (ISMS). An essential part of maintaining and improving an ISMS is auditing, which acts as a tool for identifying and addressing potential information security risks and ensuring compliance with the standard.
This interactive ISO 27001 Lead Auditor course includes workshops to equip delegates with the skills to undertake a risk assessment during an ISMS ISO 27001 audit, prepare checklists and write nonconformity reports. Delegates are assessed through continuous assessment and a two-hour exam on the final day of the course. Successful completion of this course satisfies the training requirements for certification as an IRCA ISMS auditor.
- Background and overview of ISO 27001 and other information security standards (ISO 27000 Family)
- ISO 27001 Annex A controls
- An introduction to auditing and the auditor’s role
- The role of management in reviewing risk and the effectiveness of the ISMS
- Planning and managing an audit:
  - resources and timing
  - determining the audit scope and objectives
  - undertaking a risk-based approach
  - ISMS documentation (risk treatment plan, SoC, SoA, information security asset record)
  - use of checklists
  - selection of audit teams
- Risk assessment and risk treatment
- Conducting the audit – skills, techniques and auditor competence:
  - evaluating the significance of audit findings
  - communicating and presenting audit reports
- Nonconformities and improved security as a result of corrective actions
- Management of the third-party assessment and certification process
- Individuals looking to complete first, second and/or third party ISO 27001 audits onsite and/or remotely
- Those responsible for implementing and ensuring compliance with ISO 27001, including Information Security Managers, IT Consultants, Compliance Consultants, Cyber Security Consultants and Information Assurance Consultants
- Audit team leaders
Please note that CQI and IRCA expect delegates to have prior knowledge of the requirements (clauses) of ISO 27001. Some individuals may find it beneficial to attend our Introduction to ISO 27001 Training course.
- understand the role of audits within the ISMS and the role of auditors in effecting continual improvement
- plan ISO 27001 audits: including analysis of factors determining audit frequencies and using audit checklists
- conduct ISO 27001 audits: including interviewing techniques and methods for data collection
- close and follow up the audit: including closing meetings, nonconformity assessment and nonconformity report writing
Successful delegates will also receive a CQI and IRCA approved ‘Certificate of Achievement’ and will meet the training requirements for certification with IRCA as a registered IRCA ISMS auditor.
Led by an ISO 27001 expert, the course will include interactive workshops and exercises covering topics such as ‘Risk Assessment’, ‘Audit Planning’ and ‘Performing an Audit’.
For Scheduled Training courses, please select from the Course Dates and Venues table below.
Course Dates and Venues
De Vere Beaumont Estate
Worsley Park Marriott Hotel & Country Club
New Place Hotel
Doubletree by Hilton Hotel Coventry
Hilton Glasgow Grosvenor
Holiday Inn Bristol City Centre