How do I become a ISO 27001 Lead Auditor?

To become a certified ISMS ISO 27001 Lead Auditor we recommend completing the 5 day CQI & IRCA ISO 27001 Lead Auditor training course to achieve an internationally recognised certificate. The course teaches delegates to undertake 1st, 2nd and 3rd party audits of an information security management system (ISMS).

The course is assessed through continuous assessment and a two hour written exam on the final day. The written exam includes questions about the ISO 27001 standard, writing an audit checklist and identifying nonconformities.

Upon successful completion of the course some delegates go on to register as a Lead Auditor under IRCA’s ISMS Scheme. When registering with IRCA you will have access to an extensive range of online content and publications to support your professional development as an auditor. You will also be listed on IRCA’s online register which employers often use to find Lead Auditors.

If you wish to register with IRCA, as well as completing the CQI & IRCA Lead Auditor training course you will need to gain auditing experience following the completion of the training course. The experience required includes conducting three full management system audits as a leader of an audit team.

If you have previously undertake a CQI & IRCA Lead Auditor training course in an alternative discipline, you can instead complete our three day CQI & IRCA ISO 27001 Auditor Conversion training course.

ISO 27001 Lead Auditor certification is beneficial, and often required, when applying for job roles including; Information Security Manager, Information Security Auditor, ISO 27001 Consultant, Information Security Analyst, Cyber Security Consultant, Risk Analyst, Information Assurance Consultant.

Copies of ISO/IEC 27001:2013 can be purchased from the ISO store here.