ISO27001 Certified ISMS Lead Auditor Training Course

Provided by

Enquire about this course

About the course

This four-and-a-half-day course covers the key steps involved in planning and executing an external audit of an ISO/IEC 27001:2013-compliant information security management system (ISMS).

This fully accredited course equips you with the skills to conduct second-party (supplier) and third-party (external and certification) audits. Build your career as a lead auditor, lead a team of auditors and achieve compliance with ISO 27001.

Understand how to effectively monitor conformance of an ISMS to ISO 27001

The ISO27001 Certified ISMS Lead Auditor Online training course supports professional development: delegates who pass the included exam are awarded the ISO 17024-accredited CIS LA qualification by IBITGQ.

This course is also accredited by the Institute of Information Security Professionals (IISP), and satisfies the IISP Skills Framework requirements at Level 1: A1, A3, A7, C1, C2, D2, E3, F2, H1, H2; and at Level 1+: A2, A4, A5, A6, B1, B2, D1, E1, E2, F1 and G1.

 What will you learn?

  • Understand the audit process used by certification bodies.
  • An overview of the structure and requirements of ISO 27001.
  • Learn how to use audits to monitor conformance.
  • How to apply continual improvement of the ISMS.
  • The purpose and benefits of the audit.
  • The role of auditors and standards in audits.
  • Common audit terms and definitions.
  • The principles of effective auditing.
  • Critical skills required for performing an audit.
  • The importance of observing and listening.
  • Conducting an audit follow-up.
  • The competence and evaluation of auditors.
  • Accredited certification audit specifics.
  • Selecting and leading an audit team.
  • Managing communications with the audit client.
  • How the audit process is used in first-, second- and third-party audits.
  • How to establish and maintain an audit programme.
  • Planning, conducting, reporting and following up on an audit.
  • Selecting and leading an audit team.
  • Managing communications with the audit client.
  • Best-practice audit methodology based on ISO 19011.

ISO27001 Certified ISMS Lead Auditor (CIS LA) examination

Take the CIS LA examination at the end of the course – a 90-minute, multiple-choice, ISO 17024-accredited exam set by IBITGQ.

There is no extra charge for taking this exam.

CIS LA is acknowledged by the Payment Card Industry Security Standards Council (PCI SSC) as an approved qualification meeting the requirements of an application for an individual to become a Payment Card Industry Data Security Standard (PCI DSS) Qualified Security Assessor (QSA).

Who should attend this course?

This course is aimed at people who want a globally recognised ISO 27001 lead auditor qualification to further their careers, and at managers who are responsible for the implementation and maintenance of an ISO 27001-compliant ISMS.

This course also meets the requirements of the PCI SSC for additional QSA qualifications and, in the UK, is covered by the MoD’s ELCAS scheme.

Entry requirements

There are no formal entry requirements but it is assumed that you will have a basic knowledge of ISO 27001 gained through practical experience, reading the ISO 27001:2013 standard, or by attending the ISO27001 Certified ISMS Foundation or ISO27001 Certified ISMS Lead Implementer training course.

We also recommend that delegates have copies of the most recent versions of both ISO/IEC 27001:2013 and ISO/IEC 27002:2013 standards with them during the course.



Start date Location / delivery
05 Nov 2018 London Book now
04 Dec 2018 London Book now

Related article

Bletchley Park Qufaro and GK Apprenticeships (GKA) have agreed to work in partnership to deliver cyber security apprenticeships, designed to addres...