ISO/IEC 27001 Lead Auditor
- Course Duration
- 5 Days
Need Group Training
Course Description
ISO/IEC 27001 Lead Auditor training enables you to develop the necessary expertise to perform an Information Security Management System (ISMS) audit by applying widely recognized audit principles, procedures and techniques.
During this training course, you will acquire the knowledge and skills to plan and carry out internal and external audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process. Based on practical exercises, you will be able to master audit techniques and become competent to manage an audit program, audit team, communication with customers, and conflict resolution.
After acquiring the necessary expertise to perform this audit, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27001 Lead Auditor” credential. By holding a PECB Lead Auditor Certificate, you will demonstrate that you have the capabilities and competencies to audit organizations based on best practices.
Certification and examination fees are included in the price of the training course.
During this training course, you will acquire the knowledge and skills to plan and carry out internal and external audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process. Based on practical exercises, you will be able to master audit techniques and become competent to manage an audit program, audit team, communication with customers, and conflict resolution.
After acquiring the necessary expertise to perform this audit, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27001 Lead Auditor” credential. By holding a PECB Lead Auditor Certificate, you will demonstrate that you have the capabilities and competencies to audit organizations based on best practices.
Certification and examination fees are included in the price of the training course.
Course Objective
- Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001
- Interpret the ISO/IEC 27001 requirements for an ISMS from the perspective of an auditor
- Evaluate the ISMS conformity to ISO/IEC 27001 requirements, in accordance with the fundamental audit concepts and principles
- Plan, conduct, and close an ISO/IEC 27001 compliance audit, in accordance with ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and other best practices of auditing
- Manage an ISO/IEC 27001 audit program
Course Outline
1 – Introduction to the information security management system (ISMS) and ISO/IEC 27001
- Training course objectives and structure
- Standards and regulatory frameworks
- Certification process
- Fundamental concepts and principles of information security
- Information security management system (ISMS)
2 – Audit principles, preparation, and initiation of an audit
- Fundamental audit concepts and principles
- The impact of trends and technology in auditing
- Evidence-based auditing
- Risk-based auditing
- Initiation of the audit process
- Stage 1 audit
3 – On-site audit activities
- Preparing for stage 2 audit
- Stage 2 audit
- Communication during the audit
- Audit procedures
- Creating audit test plans
4 – Closing the audit
- Drafting audit findings and nonconformity reports
- Audit documentation and quality review
- Closing of the audit
- Evaluation of action plans by the auditor
- Beyond the initial audit
- Managing an internal audit program
- Closing of the training course