Professional Training

Prerequisites

There are no formal entry requirements but it is assumed that you will have a basic knowledge of ISO 27001 gained through practical experience, reading the ISO 27001:2013 standard, or by attending the ISO27001 Certified ISMS Foundation or ISO27001 Certified ISMS Lead Implementer training courses.

We also recommend that delegates have copies of the most recent versions of the ISO/IEC 27001:2013 and ISO/IEC 27002:2013 standards with them during the course.

This course is aimed at people who want a globally recognised ISO 27001 lead auditor qualification to further their careers, and at managers who are responsible for the implementation and maintenance of an ISO 27001-compliant ISMS.

What does the ISO 27001 Certified ISMS Lead Auditor course cover?

An overview of the structure and major requirements of ISO/IEC 27001.
An overview of the audit process used by certification bodies.
The purpose, benefits and core principles of effective auditing.
Common auditing terms and definitions.
Critical skills required for performing an audit.
Best-practice audit methodology based on ISO 19011.
How to establish, maintain and manage an audit programme.
How to plan, conduct, report, summarise and follow-up on an audit.
Effective interviewing techniques and observation skills.
How to use audits to identify nonconformities and ensure appropriate corrective action is taken.
How to assess and evaluate the competence of auditors.
Accredited certification audit specifics.
How the audit process is used in first, second and third-party audits.
How to apply continual improvement of the ISMS.

Course agenda:

Purpose and benefits of audits
Role of auditors
Role of standards in audits
Audit terms and definitions
Principles of auditing<
Managing an audit programme
Performing an audit
Observing and listening
Reporting and Summarising Audit Findings
Conducting Audit Follow-up
Competence and Evaluation of Auditors
Accredited Certification Audit specifics
Auditing an Information Security Management System to ISO 27001:2013

What’s included in this course?

A professional training venue;
Lunch and refreshments;
Full course materials (digital copy provided as a PDF file);
The ISO 27001 ISMS Lead Auditor exam; and
A certificate of attendance.

What equipment should I bring?

The exam is an online exam. You will need to bring a ‘pop-up enabled’ laptop/tablet to the venue. Full details on how to access the exam will be provided by email 1–2 days before sitting the exam.

Course duration and times

Day 1: 10:00 am – 5:00 pm
Day 2: 9:15 am – 5:00 pm
Day 3: 9:15 am – 5:00 pm
Day 4: 9:15 am – 5:00 pm
Day 5: 9:15 am – 1:30 pm

CPD/CPE points

This course is equivalent to 35 CPD/CPE points.

Exams and Qualifications

ISO 27001 Certified ISMS Lead Auditor exam
Attendees take the ISO 27001 Certified ISMS Lead Auditor (CIS LA), ISO 17024-certificated, exam set by IBITGQ at the end of the course. This is a 90-minute multiple-choice online exam, consisting of 40 questions. Candidates need to achieve a minimum of 65% to pass. There is no extra charge for taking the exam.

What qualifications will I receive?
ISO 27001 Certified ISMS Lead Auditor (CIS LA).

How will I receive my exam results and certificates?
Provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.

Can exams be retaken?
Yes, if you are unsuccessful on the first attempt you can retake the exam for an additional fee. You can email us to schedule the retest for the exam.