About the course
The ISO 27001 Certified ISMS Lead Auditor course outline
This fully accredited course equips you with the skills to conduct second-party (supplier) and third-party (external and certification) audits. Build your career as a lead auditor, lead a team of auditors and achieve compliance with ISO 27001.
This course is also accredited by the Institute of Information Security Professionals (IISP), and satisfies the IISP Skills Framework requirements at Level 1: A1, A3, A7, C1, C2, D2, E3, F2, H1 and H2; and at Level 1+: A2, A4, A5, A6, B1, B2, D1, E1, E2, F1 and G1
The benefits of the ISO 27001 ISMS Lead Auditor course
Designed by experts
Designed by IT Governance Director Steve Watkins, who is also a technical assessor for the United Kingdom Accreditation Service (UKAS), where he helps with the assessment of certification bodies, enabling them to award ISO 27001 certificates of compliance.
Delivered by professionals
Real-world practitioners show you how to tackle an ISMS project from start to finish.
Led by specialists
An experienced ISO 27001 auditor and practitioner will explain how to lead an audit from start to finish.
Aligned with best practice
Aligned with the best-practice ISO 19011:2011 (Guidelines for auditing management systems) audit methodology.
Gain experience of practical application of the audit process to ISO management systems through discussion and role play.
At just £1,000 for four-and-a-half days of training, we won’t be beaten on price.
Who should attend this course?
This course is aimed at individuals who want a globally-recognised ISO 27001 lead auditor qualification to further their careers, and at managers who are responsible for the implementation and maintenance of an ISO 27001-compliant ISMS.
IT/ Information Security Manager
IT/ Information Security Consultant
Cyber Security Consultant
Head of IT
Information and risk manager
Information security analyst
Information Security Officer
MoD ELCAS Funding
This course is eligible for funding under the MoD ELCAS scheme and is suitable for serving members of the MoD or service leavers who wish to develop a career in information security management.
Why choose IT Governance for your training needs?
IT Governance is internationally recognised as the authority on ISO 27001. Our team led the world’s first ISO 27001 certification project, and since then we have trained more than 7,000 professionals on information security management system (ISMS) implementations and audits.
What does the ISO 27001 Certified ISMS Lead Auditor course cover?
- An overview of the structure and major requirements of ISO/IEC 27001.
- An overview of the audit process used by certification bodies.
- The purpose, benefits and core principles of effective auditing.
- Common auditing terms and definitions.
- Critical skills required for performing an audit.
- Best-practice audit methodology based on ISO 19011.
- How to establish, maintain and manage an audit programme.
- How to plan, conduct, report, summarise and follow-up on an audit.
- Effective interviewing techniques and observation skills.
- How to use audits to identify nonconformities and ensure appropriate corrective action is taken.
- How to assess and evaluate the competence of auditors.
- Accredited certification audit specifics.
- How the audit process is used in first, second and third-party audits.
- How to apply continual improvement of the ISMS.
- Purpose and benefits of audits
- Role of auditors
- Role of standards in audits
- Audit terms and definitions
- Principles of auditing
- Managing an audit programme
- Performing an audit
- Observing and listening
- Reporting and Summarising Audit Findings
- Conducting Audit Follow-up
- Competence and Evaluation of Auditors
- Accredited Certification Audit specifics
- Auditing an Information Security Management System to ISO 27001:2013
What’s included in this course?
- A professional training venue with lunch and refreshments;
- Full course materials (digital copy provided as a PDF file);
- The ISO 27001 ISMS Lead Auditor exam; and
- A certificate of attendance.
What equipment should I bring?
The exam is an online exam. You will need to bring a ‘pop-up enabled’ laptop/tablet to the venue. Full details on how to access the exam will be provided by email 1–2 days before sitting the exam.
Course duration and times
Day 1: 10:00 am – 5:00 pm
Day 2: 9:15 am – 5:00 pm
Day 3: 9:15 am – 5:00 pm
Day 4: 9:15 am – 5:00 pm
Day 5: 9:15 am – 1:30 pm
This course is equivalent to 35 CPD/CPE points.
CIS LA is acknowledged by the Payment Card Industry Security Standards Council (PCI SSC) as an approved qualification, meeting the requirements of an application for an individual to become a Payment Card Industry Data Security Standard (PCI DSS) Qualified Security Assessor (QSA).
How much does the ISO 27001 Certified ISMS Lead Auditor course cost?
The course costs £1,000 ex VAT.
ISO 27001 Certified ISMS Lead Auditor exam
Attendees take the ISO 27001 Certified ISMS Lead Auditor (CIS LA), ISO 17024-certificated, exam set by IBITGQ at the end of the course. This is a 90-minute multiple-choice online exam, consisting of 40 questions. Candidates need to achieve a minimum of 65% to pass. There is no extra charge for taking the exam.
What qualifications will I receive?
ISO 27001 Certified ISMS Lead Auditor (CIS LA).
How will I receive my exam results and certificates?
- Provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
- Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
- Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.
Can exams be retaken?
Yes, if you are unsuccessful on the first attempt you can retake the exam for an additional fee. You can email us to schedule the retest for the exam.
Are there any prerequisites for this course?
Before joining this course, you need to have attended the ISO27001 Certified ISMS Foundation or ISO27001 Certified ISMS Lead Implementer training course or, you have a good working knowledge of ISO 27001 gained through practical experience.
Is there any recommended reading?
We strongly recommend you purchase and read the standard prior to attending the course:
- ISO IEC 27001 2013 and ISO IEC 27002 2013
We also recommend that you purchase and read the following textbooks:
- ISO27001/ISO27002 – A Pocket Guide
- An Introduction to Information Security and ISO27001:2013 – A Pocket Guide
Do I need to bring proof of identity?
Delegates must bring a form of photographic ID with them as the invigilator my request to check it prior to the exam.