ISO/IEC 27001 Information Security Management Systems – Lead Auditor

 Who should attend?

• Auditors seeking to perform and lead Information Security Management System (ISMS) certification audits
• Managers or consultants seeking to master an Information Security Management System audit process
• Individuals responsible for maintaining conformance with Information Security Management System requirements
• Technical experts seeking to prepare for an Information Security Management System audit
• Expert advisors in Information Security Management

Learning objectives

By the end of this training course, the participants will be able to:

1. Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001
2. Interpret the ISO/IEC 27001 requirements for an ISMS from the perspective of an auditor
3. Evaluate the ISMS conformity to ISO/IEC 27001 requirements, in accordance with the fundamental audit concepts and principles
4. Plan, conduct, and close an ISO/IEC 27001 compliance audit, in accordance with ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and other best practices of auditing
5. Manage an ISO/IEC 27001 audit program

Educational approach

• This training is based on both theory and best practices used in ISMS audits
• Lecture sessions are illustrated with examples based on case studies
• Practical exercises are based on a case study which includes role playing and discussions
• Practice tests are similar to the Certification Exam

Course agenda                

Day 1: Introduction to the information security management system (ISMS) and ISO/IEC 27001                

Day 2: Audit principles, preparation, and initiation of an audit                

Day 3: On-site audit activities                

Day 4: Closing the audit                

Day 5: Certification Exam

Examination

The “PECB Certified ISO/IEC 27001 Lead Auditor” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:

Domain 1: Fundamental principles and concepts of Information Security Management System (ISMS)              

Domain 2: Information Security Management System (ISMS)              

Domain 3: Fundamental audit concepts and principles              

Domain 4: Preparation of an ISO/IEC 27001 audit              

Domain 5: Conducting an ISO/IEC 27001 audit              

Domain 6: Closing an ISO/IEC 27001 audit              

Domain 7: Managing an ISO/IEC 27001 audit program

Certification

After successfully completing the exam, you can apply for the credentials shown on the table below. You will receive a certificate once you comply with all the requirements related to the selected credential.

The requirements for PECB Auditor Certifications are:

To be considered valid, these audits should follow best audit practices and include the following activities:

1. 1. Audit planning
   2.  Audit interview
   3. Managing an audit program
   4. Drafting audit reports
   5. Drafting non-conformity reports
   6. Drafting audit working documents
   7.  Documentation review
   8. On-site Audit
   9. Follow-up on non-conformities
   10. Leading an audit team

General Information

• Certification and examination fees are included in the price of the training course
• Training material containing over 450 pages of information and practical examples will be distributed
• An attestation of course completion worth 31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.
• In case of exam failure, you can retake the exam within 12 months for free