Introduction

This ISO/IEC 27001 Lead Auditor training course, certified by the Chartered Institute of Information Security (CIISec), is an intensive, challenging and highly interactive training program for those people who require an in-depth understanding of the ISO/IEC 27001:2022 and associated standards, and the range of auditing techniques and protocols associated with the lead auditor role.

This intensive course equips delegates with both the technical knowledge and the professional judgement required to audit an Information Security Management System (ISMS) against ISO/IEC 27001 in accordance with ISO 19011 and ISO/IEC 17021 requirements.  Participants will develop their confidence to assess organisational risk, evaluate the effectiveness of security controls and provide meaningful assurance to key stakeholders.

As a CIISec accredited course, this training has been assessed against the CIISec Skills Framework, assuring learners and employers that it delivers industry-relevant, up-to-date skills that meet the expectations of modern cyber and information security roles.  Successful completion demonstrates alignment with the skills, behaviours and ethical standards expected of information security professionals.

Duration

5 Days, 08:30 – 18:00 (days 1-4), 08:30 – 14:00 (day 5)

Who should attend?

This course is highly recommended for;

• Information Security professionals wishing to progress into lead auditing roles
• Internal and external auditors responsible for ISMS assessments
• Risk, compliance and governance professionals
• Consultants supporting ISO/IEC 27001 implementation and assurance
• Security managers responsible for the oversight of third-party or supplier audits

Course objectives

On successful completion of the course, delegates will be able to;

• Interpret and apply the requirements of ISO/IEC 27001 within an audit context
• Plan, conduct and lead ISMS audits in line with ISO 19011
• Evaluate organisational risk treatment and control effectiveness
• Identify nonconformities and opportunities for improvement
• Communicate audit findings clearly and professionally to stakeholders
• Demonstrate competence aligned with the CIISec Skills Framework

Prior Knowledge

Those attending this course are expected to have knowledge of ISO/IEC 27001:2022 as well as experience in auditing and Information Security Management Systems.

Course content

• Introduction to Information Security
• Detailed content of ISO/IEC 27001:2022
• Similarities with other management systems standards
• Information Security Management Issues including operational control
• Information Security Audit Skills
• Practical exercises and feedback

What are the benefits

Delegates studying this course will be equipped to conduct effective ISMS audits within their organisation, lead ISMS audit teams or go on to become a 3^rd party certification auditors.

Attendance of this course will earn delegates 40 hours of CPD with CIISec.

In-House Courses

Offering better value for money, they can be designed to closely match your specific requirements.

Style of Delivery and Course Leaders

Our course leaders have unrivalled experience in information security management systems design and implementation, including ISO/IEC 27001:2022. They are qualified and experienced auditors with extensive practical management experience across a wide range of businesses. We have extensive experience working across cultural boundaries, through our work in Europe, Africa, the Middle East, Asia and the Americas.

Certification

On the last day of the course there will be an online exam which is to be completed in our invigilated exam portal.

Delegates successfully completing the course, including the exam with a 70% pass mark, will be awarded a CIISec Certified training accredited certificate.

Successful completion of this accredited training course can be used as evidence of competency and used to apply for an accredited level of CIISec membership.